Vulnerability can be defined as a weakness in design,procedure and Implementation of the computer. Vulnerability management is the vulnerability assessment and penetration testing singapore process of managing vulnerabilities of a computer and maintaining an appropriate security state in an organization.It also helps in deciding whether to remove or tolerate the risk
They are four types of Vulnerabilities
- Physical Vulnerabilities
- Natural Vulnerabilities
- Hardware and software vulnerabilities
- Media Vulnerabilities
- Emanation Vulnerabilities
- Communication Vulnerabilities
- Human Vulnerabilities
Physical Vulnerability is building and equipment used in an organization are vulnerable to attack as an intruder can enter into its server room , the intruder can damage and spoil the network equipment.
After entering the server room, the intruder can damage and spoil the network equipment. Also various important and confidential documents can be stolen by taking their printouts or such information can be collected daily easily by hacking the servers
Natural Vulnerabilities – Computer are also prone to suffering damage from natural disasters or environmental threats.These disasters can be fire, flood, lighting and earthquake
Hardware and software vulnerabilities – All the hardware or software components of a system are highly secured, there are still chances that the system security would be threatened if the hardware components are not connected properly or software is not installed properly
Human Vulnerability is people managing or administering your system can also make system highly vulnerable. He/she may also convince other staff members to give passwords or open the doors of server rooms, thus endangering the system/network security
Penetration testing is mainly related to the patches and upgrades with the exact security configuration details. An example of full knowledge team is the normal security administration staff. For penetration testing the team with full knowledge should be considered.This is the because the team knows what has been secured therefore they will he able to properly test with each and every combination.