Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the daextlwcn domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the kirki domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114
Vulnerability Management - Cyber Software Institute
Facebook-f Linkedin-in Instagram
Contact Us

Vulnerability Management

Vulnerability Management

Vulnerability management is the “cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating” software vulnerabilities.  Vulnerability management is integral to computer security and network security, and must not be confused with vulnerability assessment.

Vulnerabilities can be discovered with a vulnerability scanner, which analyzes a computer system in search of known vulnerabilities, such as open ports, insecure software configurations, and susceptibility to malware infections. They may also be identified by consulting public sources, such as NVD, or subscribing to a commercial vulnerability alerting service such as Symantec’s DeepSight Vulnerability Datafeed or Accenture’s Vulnerability Intelligence Service.

Unknown vulnerabilities, such as a zero-day, may be found with fuzz testing. Fuzzy testing can identify certain kinds of vulnerabilities, such as a buffer overflow with relevant test cases. Such analysis can be facilitated by test automation. In addition, antivirus software capable of heuristic analysis may discover undocumented malware if it finds software behaving suspiciously (such as attempting to overwrite a system file).

Correcting vulnerabilities may variously involve the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.