__ is a continuous process of identifying, evaluating, treating, and
reporting security weaknesses in systems and networks to reduce risk
VUlnerability management
stages of vulnerability management
Scan»_space; Patch»_space; Pentest»_space; report
The automated process of identifying vulnerabilities in systems using specialized tools.
Scanning
Detects outdated software, open port, weak configurations
Scanning
Can be shceduled: daily, weekly, or monthly
scanning
Produces detailed reports listing discovered vulnerabilities
scanning
EXAMPLES OF SCANNING
detects missing security patches & updates
Nessus
EXAMPLES OF SCANNING
scans networks for known risks
OpenVAS
EXAMPLES OF SCANNING
identifies open ports and running services
Nmap
The process of updating systems or software to fix known vulnerabilities discovered during scanning.
Patching
EXAMPLES OF PATCHING
windows/linux security patches
OS updates
EXAMPLES OF PATCHING
fixing web server CVEs
Apache HTTP Server
EXAMPLES OF PATCHING
applying security updates to apps
Mobile apps
fixes security holes discovered during scanning
patching
requires testing before deployment in live environments
patching
must be done regularly to maintain a secure posture
Patching
The controlled simulation of cyberattacks to determine if vulnerabilities can be exploited — conducted
ethically with permission.
basic penetration testing
goes beyond scanning, actively exploits weaknesses
pentest
always conducted ethically and with written permission
pentest
helps understand real-world impact of vulnerabilities
pentest
EXAMPLES OF PENTEST
exploit known vulnerabilities in targets
metasploit
EXAMPLES OF PENTEST
attempt unauthorized system access
Login bypass
EXAMPLES OF PENTEST
test misconfigured services and auth
Weak passwords
Documenting vulnerabilities, their severity, and recommended fixes to communicate findings to
management or IT teams.
Reporting
