Vulnerability Assessment Planning

• Definitions
  • Vulnerability | Threat | Exploit | Risk |Test
  • Risk = threat agent + attack + vulnerability + impact
• Challenges
  • Software asset and patch management
  • SIEM | Log Management | IoC
• Tools to use
  • Kali
  • Open source vs proprietary Scripts
  • Recording tools | Nessus,  Nikto, Nmap, Qualys