
Vulnerability Assessment and Testing

The document outlines a training module on Vulnerability Assessment and Testing, covering topics such as vulnerability management, scanning tools, penetration testing, and patch management. It emphasizes the importance of vulnerability assessment as a continuous process and details various types of scans and reports. Additionally, it includes rules of engagement for testing, ensuring the protection of sensitive information and proper communication during the assessment process.

Uploaded by

jjones4649

Vulnerability Assessment and Testing

Module – 05
Day - 11

Instructor - Bappe Sarker


Agenda
o Vulnerability Management
o Security Content Automation Protocol (SCAP)
o Security Vulnerabilities
o Vulnerability Scanning Tools
o Web Application Scanning Tools
o General idea of Penetration Testing
o Attack Vector Metrics
o Patch management
o Rules of Engagement

Lab-2: Vulnerability Assessment on network


Lab-3: Vulnerability Assessment on Web application
Vulnerability Assessment
• Vulnerability assessment is the ongoing, regular process of
defining, identifying, classifying and reporting cyber
vulnerabilities across endpoints, workloads, and systems.
Vulnerability Severity and Scoring System

CVSS Calculator
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
Vulnerability Database
1. https://nvd.nist.gov/
2. https://www.exploit-db.com/
3. https://vuldb.com/
4. https://www.cvedetails.com/
5. https://cve.mitre.org/
6. https://security.snyk.io/
Scan Types
Automated Scan
Fully automated scan with scanning tools such as Nessus.

Manual Scan
Manual process: using Google searches, studying the target systems, and using open-source tools, for example Nuclei, nmap, and nmap scripts.
Assessment Report Types
• Mainly two types:
o Executive Summary (for non-technical / management people)
o Technical Details (for the engineering team)
• Others (Compliance / Standards):
o Compliance Report (PCI-DSS)
Report Contents
Vulnerability Management Life Cycle
Assessment Vs. Management
Demo-01 : Vulnerability Assessment on network
Demo-02 : Web Vulnerability Assessment using ZAP
Patch Management System
• Patch management is an infrastructure management activity where IT admins or operations managers must identify and prioritize patching needs, obtain and test these patches or fixes, and deploy them to update, improve, or repair existing code.
Rules of Engagement - RoE
This is the meat of the document, and these rules are crucial to spell out in detail, as they provide the dos and don'ts of testing. They contain a lot of important project specifics, such as special testing parameters, requested rules the testing team should abide by, and disclosures about testing that can help protect the client. Below are some of the different things captured and detailed in this section:
• Treatment of sensitive information during the project
• How project status updates will be communicated
• Emergency contact information
• Handling of a sensitive and critical vulnerability
• Steps taken if a prior compromise is uncovered
• Security controls impact and specifics
• IP addresses of testing machines for monitoring/whitelisting
• Requirements for third-party hosting provider approvals to test
• In-scope targets, including the IP addresses and URLs
• Any specific compromise goals (e.g. material and non-public information, credit card data)
• Specific web-forms to be avoided
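Several of the RoE items above (in-scope IP addresses and URLs, web forms to be avoided, IP addresses of testing machines) can be enforced as a pre-flight check before any scan is launched. The sketch below is an added example, not part of the original slides; the `ROE` structure, the `check_target` function and all sample values are hypothetical and constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample RoE values (documentation IP ranges, example.com).
ROE = {
    "in_scope_networks": ["192.0.2.0/24"],
    "in_scope_hosts": ["app.example.com"],
    "avoid_paths": ["/contact", "/payments/refund"],  # web forms to be avoided
    "tester_ips": ["198.51.100.10"],  # testing machines the client whitelisted
}

def check_target(target, source_ip, roe=ROE):
    """Return (allowed, reason) for one proposed scan target."""
    testers = {ipaddress.ip_address(ip) for ip in roe["tester_ips"]}
    if ipaddress.ip_address(source_ip) not in testers:
        return False, "source IP is not a declared testing machine"
    # Accept bare hosts ("192.0.2.15:8443") as well as full URLs.
    parts = urlsplit(target if "://" in target else "//" + target)
    host = parts.hostname
    if not host:
        return False, "target could not be parsed"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # not an IP literal, treat as a hostname
    if addr is not None:
        nets = [ipaddress.ip_network(n) for n in roe["in_scope_networks"]]
        if not any(addr in net for net in nets):
            return False, "IP address is out of scope"
    elif host not in roe["in_scope_hosts"]:
        # Exact match only: "app.example.com.evil.test" must not pass.
        return False, "hostname is out of scope"
    path = parts.path.rstrip("/").lower() or "/"
    for avoided in roe["avoid_paths"]:
        if path == avoided or path.startswith(avoided + "/"):
            return False, "web form excluded by the RoE"
    return True, "in scope"

if __name__ == "__main__":
    for t in ["https://app.example.com/login", "https://app.example.com/contact/",
              "192.0.2.15:8443", "203.0.113.5"]:
        print(t, check_target(t, "198.51.100.10"))
```

Running a scanner's target list through a gate like this, and logging every rejection, gives the testing team a record that each request stayed within the agreed scope.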
Any Question?
Thank You
