Systematic identification and classification of security weaknesses in systems and networks.
A vulnerability assessment systematically identifies, quantifies, and prioritises security vulnerabilities in systems, networks, and applications. Assessments combine automated scanning with manual analysis to identify weaknesses, assess their severity, and recommend remediation. Unlike penetration testing (which demonstrates exploitation), vulnerability assessments focus on identification and prioritisation. Regular assessments—monthly or quarterly—maintain visibility into security weaknesses as environments change.
Why It Matters
The DSC Perspective:
Vulnerability assessments identify what needs fixing. Regular assessments ensure you maintain visibility into vulnerabilities as new systems are deployed and new vulnerabilities are discovered. Assessment reports help prioritise security efforts.