
Module 6: Vulnerability Assessment

Master vulnerability scanning, patch management, and continuous security monitoring.

Vulnerability Assessment vs Penetration Testing

Vulnerability assessment identifies and prioritizes vulnerabilities. Penetration testing exploits them. Think of it as: assessment finds the unlocked windows, pen testing climbs through them.

Vulnerability Assessment:

  • Automated scanning
  • Identifies known vulnerabilities (by version, banner or configuration check); results include false positives that need triage
  • Broader scope
  • Regular/continuous
  • Less invasive

Penetration Testing:

  • Manual exploitation
  • Proves vulnerabilities are actually exploitable and shows the real impact (e.g. what data or systems an attacker reaches)
  • Focused scope
  • Periodic (quarterly/annual)
  • More invasive

Vulnerability Scanning Tools

Nessus

Widely used commercial scanner from Tenable with a large, frequently updated plugin database.

  • Network vulnerability scanning
  • Configuration auditing
  • Compliance checking
  • Web application scanning

OpenVAS

Open-source vulnerability scanner, forked from Nessus when Nessus went closed-source and now maintained by Greenbone as part of GVM; the usual free alternative to Nessus.

Qualys

Cloud-based vulnerability management platform; scanner appliances and host agents report into a hosted console.

CVE & Vulnerability Databases

Common Vulnerabilities and Exposures (CVE) is a standardized identifier (CVE-YYYY-NNNNN) for a publicly known vulnerability, so that scanners, vendor advisories and patch notes all refer to the same issue.

CVE Example:

CVE-2021-44228 (Log4Shell)

Severity: Critical (CVSS 10.0)

Description: Unauthenticated remote code execution in Apache Log4j 2 (2.0-beta9 through 2.14.1). The logger resolved JNDI lookup strings embedded in logged messages, so attacker-controlled input that reached any log call could make the application load and run remote code.

Impact: Complete system compromise with minimal attacker effort, since the payload only has to land in a logged field (User-Agent, username, form input, etc.)

Fix: Upgrade to Log4j 2.17.0 or later. 2.15.0 closed CVE-2021-44228 itself, but follow-on CVEs in the same lookup code led to further releases; 2.17.1 was Apache's eventual recommendation for Java 8.

Key Databases:

  • CVE (MITRE): the canonical list of identifiers and short descriptions
  • NVD (National Vulnerability Database, NIST): enriches CVE records with CVSS scores and affected-product (CPE) data
  • CISA KEV: catalog of vulnerabilities known to be exploited in the wild, useful for patch prioritization
  • Exploit-DB: public exploit code, i.e. evidence that a finding is practically exploitable
  • OWASP: not a vulnerability database but guidance on weakness classes (e.g. the Top 10) that scanners map findings to

CVSS Scoring (CVSS v3.x qualitative severity ratings of the base score):

  • 0.0: None
  • 0.1-3.9: Low
  • 4.0-6.9: Medium
  • 7.0-8.9: High
  • 9.0-10.0: Critical

Patch Management

Keeping systems updated is crucial: a large share of breaches exploit vulnerabilities for which a patch already existed at the time of the attack.

1. Inventory

Know all assets and their versions.

2. Prioritize

Critical and actively exploited vulnerabilities first, weighted by exposure (internet-facing before internal) and by what the asset protects.

3. Test

Test patches in staging before production.

4. Deploy

Roll out patches in waves (a canary group, then the rest) with a tested rollback path.

5. Verify

Confirm patches applied successfully.
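The five steps as one runnable loop, as an added example in Python (not from the course page): match an inventory against advisories, order the work queue, simulate the deployment, then verify by re-running the match. INVENTORY and ADVISORIES are constructed sample data; the log4j entries reuse the CVE discussed earlier, while the product "acme-agent" and the advisory id "EXAMPLE-0001" are fictional. The ranking policy (actively exploited first, then internet exposure, then CVSS) is one reasonable choice, not a standard.

```python
"""Risk-based patch prioritisation and post-deployment verification.

Added example, not from the course page. All hosts, the product "acme-agent"
and the advisory "EXAMPLE-0001" are constructed; only CVE-2021-44228 is real.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Asset:
    host: str
    product: str
    version: str
    internet_facing: bool


@dataclass(frozen=True)
class Advisory:
    id: str
    product: str
    fixed_in: str            # first version carrying the fix
    cvss: float
    exploited_in_wild: bool  # e.g. listed in CISA KEV


def parse_version(v: str) -> tuple:
    """'2.14.1' -> (2, 14, 1); pads so '3.2' and '3.2.0' compare equal."""
    parts = [int(p) for p in v.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(asset: Asset, adv: Advisory) -> bool:
    """Step 1 lives or dies here: the match is only as good as the inventory."""
    return (asset.product == adv.product
            and parse_version(asset.version) < parse_version(adv.fixed_in))


def prioritise(inventory, advisories):
    """Step 2: build the work queue, most urgent first."""
    queue = [(a, adv) for a in inventory for adv in advisories if is_affected(a, adv)]
    queue.sort(key=lambda f: (f[1].exploited_in_wild, f[0].internet_facing, f[1].cvss),
               reverse=True)
    return queue


def apply_patches(inventory, new_versions: dict):
    """Step 4 (simulated): the inventory as it should look after deployment."""
    return [replace(a, version=new_versions.get(a.host, a.version)) for a in inventory]


def remaining(inventory, advisories):
    """Step 5: re-run the match; anything left is a failed or missed patch."""
    return [(a.host, adv.id) for a, adv in prioritise(inventory, advisories)]


# Constructed sample inventory and advisories.
INVENTORY = [
    Asset("web-01", "log4j-core", "2.14.1", internet_facing=True),
    Asset("batch-03", "log4j-core", "2.14.1", internet_facing=False),
    Asset("web-02", "log4j-core", "2.17.1", internet_facing=True),
    Asset("vpn-01", "acme-agent", "3.0.0", internet_facing=True),
    Asset("db-01", "acme-agent", "3.1.4", internet_facing=False),
]

ADVISORIES = [
    Advisory("CVE-2021-44228", "log4j-core", fixed_in="2.15.0", cvss=10.0, exploited_in_wild=True),
    Advisory("EXAMPLE-0001", "acme-agent", fixed_in="3.2", cvss=7.5, exploited_in_wild=False),  # fictional
]

if __name__ == "__main__":
    for asset, adv in prioritise(INVENTORY, ADVISORIES):
        print(f"{asset.host:9s} {asset.product}@{asset.version} -> {adv.id} (fix: {adv.fixed_in})")
    # Deploy to everything except db-01, then verify: db-01 should be the only leftover.
    patched = apply_patches(INVENTORY, {"web-01": "2.17.1", "batch-03": "2.17.1", "vpn-01": "3.2.0"})
    print("still unpatched:", remaining(patched, ADVISORIES))
```

The verification step deliberately reuses the same matching code as the prioritisation step, so "patched" is defined by what the inventory reports, not by whether a job ran. In practice the post-deploy inventory comes from a fresh scan or agent check-in, never from the deployment tool's own success message.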

Code Analysis

SAST (Static)

Analyzes source code without executing it.

  • SonarQube
  • Checkmarx
  • Fortify
  • Finds: SQL injection, XSS, hardcoded secrets
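What "analyzing source code without executing it" looks like in practice, as an added example in Python (not from the course page and not any of the products listed): a miniature SAST pass built on the standard-library ast module. It parses a file into a syntax tree and flags two of the defect classes above, SQL built by string concatenation, %-formatting, .format() or f-strings and passed to an execute() call, and string literals assigned to secret-looking names. The SAMPLE source it scans is constructed for the demo.

```python
"""Miniature SAST check on Python's ast module (added example, not from the
course page and not any named product). Nothing in SAMPLE is executed; the
checks run purely over the parsed syntax tree.
"""
import ast
import re

SECRET_NAME = re.compile(r"(passw(or)?d|secret|token|api_?key)", re.IGNORECASE)
SQL_SINKS = {"execute", "executemany", "executescript"}


def _is_dynamic_string(node: ast.AST) -> bool:
    """True if the expression builds a string at runtime from other values."""
    if isinstance(node, ast.JoinedStr):                       # f"... {x} ..."
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Add, ast.Mod)):
        return True                                           # "..." + x, "..." % x
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return node.func.attr == "format"                     # "...".format(x)
    return False


class Finder(ast.NodeVisitor):
    def __init__(self):
        self.findings = []

    def visit_Call(self, node):
        # cursor.execute(<dynamic string>, ...) -> likely SQL injection.
        if isinstance(node.func, ast.Attribute) and node.func.attr in SQL_SINKS:
            if node.args and _is_dynamic_string(node.args[0]):
                self.findings.append(("sql-injection", node.lineno))
        self.generic_visit(node)

    def visit_Assign(self, node):
        # PASSWORD = "literal" -> hard-coded secret (empty strings are ignored).
        value = node.value
        if isinstance(value, ast.Constant) and isinstance(value.value, str) and value.value:
            for target in node.targets:
                if isinstance(target, ast.Name) and SECRET_NAME.search(target.id):
                    self.findings.append(("hardcoded-secret", node.lineno))
        self.generic_visit(node)


def scan_source(source: str):
    """Return (rule, line) findings for a Python source string, ordered by line."""
    finder = Finder()
    finder.visit(ast.parse(source))
    return sorted(finder.findings, key=lambda f: f[1])


# Constructed sample under test: two injection patterns, one secret, two safe lines.
SAMPLE = '''
import sqlite3
DB_PASSWORD = "hunter2"
API_KEY = ""
conn = sqlite3.connect(":memory:")
cur = conn.cursor()

def lookup_concat(user):
    cur.execute("SELECT * FROM users WHERE name = '" + user + "'")

def lookup_fstring(user):
    cur.execute(f"SELECT * FROM users WHERE name = '{user}'")

def lookup_ok(user):
    cur.execute("SELECT * FROM users WHERE name = ?", (user,))
'''

if __name__ == "__main__":
    for rule, line in scan_source(SAMPLE):
        print(f"{rule:17s} line {line}")
```

The parameterised query in lookup_ok is not flagged because its first argument is a plain constant: the data travels in the second argument, which the database driver binds separately. That distinction, "is the SQL text itself built from runtime values", is the core of what a real SAST engine does for injection classes, with taint tracking across functions added on top.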

DAST (Dynamic)

Tests running applications.

  • OWASP ZAP
  • Burp Suite
  • Acunetix
  • Finds: Runtime vulnerabilities, config issues

Dependency Scanning

Third-party libraries often have vulnerabilities. Scan dependencies regularly.

npm audit Example:

# Check the lockfile's dependency tree against the npm advisory database

npm audit

# Exit non-zero only for findings at or above a severity (useful as a CI gate)

npm audit --audit-level=high

# Apply fixes that stay within the semver ranges declared in package.json

npm audit fix

# Also apply fixes that need a semver-major upgrade (breaking changes; run the test suite afterwards)

npm audit fix --force

Snyk

Developer-first security

Dependabot

GitHub's built-in dependency alerts and automated update pull requests

WhiteSource (now Mend)

Open-source component and license risk management
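What to do with the scanner's output once it is machine-readable, as an added example in Python (not from the course page or from npm): a CI gate over `npm audit --json`. REPORT is a constructed sample in the auditReportVersion 2 shape that npm 7+ emits; its package names, advisory numbers and titles are made up. The gate fails the build on findings at or above a severity threshold unless a time-limited risk acceptance covers them, and separately reports fixes that need a semver-major bump, i.e. the ones only `npm audit fix --force` would apply.

```python
"""CI gate over `npm audit --json` output (added example, not from the course
page or from npm). REPORT is constructed: the packages "example-widget",
"example-http", "example-log" and advisory numbers 1001/1002 are made up.
"""
import json
from datetime import date

SEVERITY_RANK = {"info": 0, "low": 1, "moderate": 2, "high": 3, "critical": 4}

# Constructed sample in the npm 7+ auditReportVersion 2 shape.
REPORT = json.loads('''{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "example-widget": {
      "name": "example-widget", "severity": "high", "isDirect": true,
      "via": [{"source": 1001, "name": "example-widget",
               "title": "Constructed: prototype pollution", "severity": "high",
               "range": "<2.1.0"}],
      "effects": ["example-log"], "range": "<2.1.0", "fixAvailable": true
    },
    "example-http": {
      "name": "example-http", "severity": "critical", "isDirect": true,
      "via": [{"source": 1002, "name": "example-http",
               "title": "Constructed: request smuggling", "severity": "critical",
               "range": "<5.0.0"}],
      "effects": [], "range": "<5.0.0",
      "fixAvailable": {"name": "example-http", "version": "5.0.2", "isSemVerMajor": true}
    },
    "example-log": {
      "name": "example-log", "severity": "moderate", "isDirect": false,
      "via": ["example-widget"], "effects": [], "range": "*", "fixAvailable": true
    }
  }
}''')

# Risk acceptances: advisory id -> ISO expiry date. Expired entries stop suppressing.
ACCEPTED = {1001: "2099-01-01"}


def evaluate(report: dict, threshold: str, accepted: dict, today: str):
    """Return (blocking, suppressed, needs_major) lists of package names."""
    blocking, suppressed, needs_major = [], [], []
    for name, vuln in report["vulnerabilities"].items():
        if SEVERITY_RANK[vuln["severity"]] < SEVERITY_RANK[threshold]:
            continue
        # Dicts in `via` are advisories on this package itself; strings mean it is
        # only vulnerable through another listed package, which is judged there.
        advisories = [v for v in vuln["via"] if isinstance(v, dict)]
        if not advisories:
            continue
        # ISO dates compare correctly as strings, so no parsing is needed.
        if all(accepted.get(a["source"], "0000-00-00") >= today for a in advisories):
            suppressed.append(name)
            continue
        blocking.append(name)
        fix = vuln.get("fixAvailable")
        if isinstance(fix, dict) and fix.get("isSemVerMajor"):
            needs_major.append(name)
    return blocking, suppressed, needs_major


def gate(report: dict, threshold: str = "high", accepted: dict = ACCEPTED, today: str = None) -> int:
    """Exit status for CI: 0 when nothing blocks, 1 otherwise."""
    today = today or date.today().isoformat()
    blocking, suppressed, needs_major = evaluate(report, threshold, accepted, today)
    for name in suppressed:
        print(f"ACCEPTED {name} (risk acceptance on file)")
    for name in blocking:
        note = " (fix needs semver-major upgrade)" if name in needs_major else ""
        print(f"BLOCK    {name}: {report['vulnerabilities'][name]['severity']}{note}")
    return 1 if blocking else 0


if __name__ == "__main__":
    raise SystemExit(gate(REPORT))
```

In a pipeline, run `npm audit --json > audit.json` and feed the parsed file in place of REPORT. The point of the acceptance table is that suppressions carry an expiry: a finding someone decided to live with in January is re-raised automatically rather than silently forever.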

📚 Module Summary

You've mastered vulnerability assessment:

  • ✓ Vulnerability scanning tools
  • ✓ CVE and vulnerability databases
  • ✓ Patch management processes
  • ✓ Static and dynamic code analysis
  • ✓ Dependency scanning
  • ✓ Continuous security monitoring

Next: Learn security operations!