References:
https://www.greenbone.net/en/vulnerability-management/
https://www.slideshare.net/ChandrakTrivedi/openvas-vulnerability-assessment-scanner

- Prevention is better than the cure in every way. This is how an information security engineer should think; otherwise the cure is nothing more than firefighting.
- A vulnerability is a weak point or gap in a security program that can be exploited by threats to gain unauthorized access to an asset. We all know that networks are vulnerable, but we don't all know where and how those vulnerabilities arise.
- Vulnerability Assessment (VA) is the process of identifying, quantifying, and prioritizing (or ranking) the potential risks, threats and vulnerabilities in a system, producing a to-do checklist and developing strategies to deal with them.
- We need to know our systems' weak points to harden them and protect our sensitive information from theft and attacks.
- We all hear about high-skilled hacks that cause loss of sensitive data and that happen every day, everywhere. This is why we need to look at our system from the outside, as an attacker would.
- Servers may be secured and firewalls may be locked down with tight policies, but what about attached devices such as printers, scanners, and fax machines?
- Default configurations are your enemy.
- The aim is to locate any vulnerability that might exist in your IT infrastructure. VA highlights all of this in seconds.
- IT security is a process, and vulnerability management provides the foundation of this process.
- Once you know where the chinks are in your armor, you can do something about them.
- The process from recognition to remedy and monitoring represents a continuous cycle. You'll always be one step ahead of attackers.
- You can focus on your hot spots, thus increasing the efficiency of antivirus systems, firewalls & Co.
- Any IT system is at risk of attack by skilled hackers.
- Typical causes of vulnerability are improper configuration or programming errors, unauthorized installations or violations of security measures.
- Greenbone Security Manager uncovers these and countless other risks and helps you set priorities.
- See the video at this link: https://www.greenbone.net/wp-content/uploads/Reduce_Attack_Surface_With_VM_v2.mp4
- The OpenVAS framework is part of Greenbone Networks' commercial vulnerability management solution, from which developments have been contributed to the open source community since 2009.
- VA and pen testing both deal with finding and fixing security holes, but they are not the same thing. VA finds vulnerabilities, can rate how dangerous they are, and then offers a written report, whereas pen testing will actually try to exploit the system.