From the course: Cloud Security Operations by Pearson

Vulnerability assessment

To do vulnerability assessment, first, we have to define vulnerability as well as risk. Remember, vulnerability should be quantified, for example, as a percentage of a probability or likelihood and not just some laundry list or vague list of scary things. In other words, vulnerability is a factor of the likelihood that a threat agent's actions will actually result in a loss, frequency and magnitude of loss. Vulnerability can be a derived value from the threat capability of actors combined with the resistance of existing security controls. We also call that difficulty. Vulnerability testing is semi-automated or fully automated and performed typically on a regularly scheduled basis. Now, although vulnerability assessment and testing is part of penetration testing, it is a separate ongoing program. Some common vulnerability databases that you can use as resources would be the Common Vulnerabilities and Exposures, CVE with MITRE, the National Vulnerability Database, the NVD with NIST, the…
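The idea of vulnerability as a percentage derived from threat capability and control resistance, worked through as an added example that is not part of the course material. It assumes both are estimated as (low, most likely, high) triples on a shared 0-100 scale and sampled from triangular distributions; the function names and the three findings are constructed for illustration.

```python
import random

# Constructed sample findings (not from the course). Each estimate is a
# (low, most likely, high) triple on a shared 0-100 scale, an assumption.
# Layout: name -> (threat capability, control resistance)
FINDINGS = {
    "admin console, password only": ((40, 70, 95), (20, 35, 60)),
    "storage bucket, MFA on admins": ((40, 70, 95), (60, 80, 95)),
    "internal API, VPN plus mTLS": ((10, 30, 50), (70, 85, 98)),
}


def vulnerability(capability, resistance, trials=100_000, seed=7):
    """Estimate P(threat capability > control resistance) by simulation."""
    rng = random.Random(seed)  # fixed seed keeps the report reproducible
    c_low, c_mode, c_high = capability
    r_low, r_mode, r_high = resistance
    losses = 0
    for _ in range(trials):
        attacker = rng.triangular(c_low, c_high, c_mode)
        control = rng.triangular(r_low, r_high, r_mode)
        if attacker > control:  # the control is overcome in this trial
            losses += 1
    return losses / trials


def rank(findings):
    """Return (name, vulnerability) pairs, most exposed first."""
    scored = [(name, vulnerability(cap, res))
              for name, (cap, res) in findings.items()]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    for name, score in rank(FINDINGS):
        print(f"{score:6.1%}  {name}")
```

Re-running `rank` after changing a resistance estimate shows how much a proposed control would lower the percentage for that finding.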
