[ Thanks to Ramsai
for this link. ]
“Vulnerability assessment is a process for assessing the
internal and external security controls by identifying the threats
that pose serious exposure to the organizations assets. This
technical infrastructure evaluation not only points the risks in
the existing defenses but also recommends and prioritizes the
remediation strategies. The internal vulnerability assessment
provides an assurance for securing the internal systems, while the
external vulnerability assessment demonstrates the security of the
perimeter defenses. In both testing criteria, each asset on the
network is rigorously tested against multiple attack vectors to
identify unattended threats and quantify the reactive measures.
Depending on the type of assessment being carried out, a unique set
of testing process, tools, and techniques are followed to detect
and identify vulnerabilities in the information assets in an
automated fashion. This can be achieved by using an integrated
vulnerability management platform that manages an up-to-date
vulnerabilities database and is capable of testing different types
of network devices while maintaining the integrity of configuration
and change management.”