Scope
The definition of which systems, software, endpoints, and testing approaches are included in the assessment.
The most important component of setting up a successful security assessment.
Too broad (mimics a powerful, well-resourced attacker):
Too expensive.
May turn into a never-ending assessment.
May lack depth, so vulnerabilities are missed.
Too narrow (mimics a focused attack):
Cheap, fast, repeatable.
May miss easily found issues outside the chosen targets.
Analogy: testing only the bulletproof front door while the wall beside it has a glass window.
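A scope that is only written down in the statement of work is easy to violate by accident once scanners and wordlists start running. The following is an added example, not part of these notes: a small checker that parses a constructed scope document (hypothetical network 203.0.113.0/24 and the made-up domain example.test, with a "include:" / "exclude:" line format chosen for this example) and partitions candidate targets into in-scope and out-of-scope before any testing starts. Exclusions always win over inclusions, and a wildcard "*.domain" covers subdomains only, not the apex.

```python
import ipaddress

# Constructed scope document for a hypothetical engagement (not a real network).
# Each line is "include:" or "exclude:" followed by a CIDR, a single IP,
# a hostname, or a wildcard hostname of the form "*.domain".
SCOPE_TEXT = """
# Customer-approved scope, agreed before testing starts
include: 203.0.113.0/24
include: *.example.test
exclude: 203.0.113.9          # shared database, out of scope
exclude: legacy.example.test  # third-party hosted, no authorization
"""


class Scope:
    """A target is in scope only if an include rule matches and no exclude rule matches."""

    def __init__(self):
        self.rules = {"include": [], "exclude": []}

    def add(self, action, pattern):
        pattern = pattern.strip().lower()
        try:
            # strict=False accepts both "203.0.113.0/24" and a bare address (as a /32)
            self.rules[action].append(("net", ipaddress.ip_network(pattern, strict=False)))
        except ValueError:
            if pattern.startswith("*."):
                # store ".example.test"; the leading dot is what stops "notexample.test"
                # from matching, and it also keeps the apex "example.test" out (strict reading)
                self.rules[action].append(("wild", pattern[1:]))
            else:
                self.rules[action].append(("host", pattern))

    @staticmethod
    def _matches(rule, target):
        kind, value = rule
        if kind == "net":
            try:
                return ipaddress.ip_address(target) in value
            except ValueError:
                return False  # target is a hostname, not an address
        if kind == "wild":
            return target.endswith(value)
        return target == value

    def contains(self, target):
        target = target.strip().lower()
        if any(self._matches(r, target) for r in self.rules["exclude"]):
            return False  # exclusions always win, regardless of include rules
        return any(self._matches(r, target) for r in self.rules["include"])


def parse_scope(text):
    scope = Scope()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        action, _, pattern = line.partition(":")  # first colon only, so IPv6 survives
        action = action.strip().lower()
        if action not in ("include", "exclude") or not pattern.strip():
            raise ValueError(f"malformed scope line: {raw!r}")
        scope.add(action, pattern)
    return scope


def split_targets(scope, targets):
    """Partition a candidate target list into (in_scope, out_of_scope) lists."""
    allowed = [t for t in targets if scope.contains(t)]
    denied = [t for t in targets if not scope.contains(t)]
    return allowed, denied


if __name__ == "__main__":
    scope = parse_scope(SCOPE_TEXT)
    candidates = ["203.0.113.42", "203.0.113.9", "www.example.test",
                  "legacy.example.test", "notexample.test", "198.51.100.7"]
    ok, skipped = split_targets(scope, candidates)
    print("in scope:    ", ok)
    print("out of scope:", skipped)
```

Run the scanner only over the in-scope list and keep the out-of-scope list in the report: targets that were discovered but deliberately not tested are exactly the "glass window" the customer should hear about when the scope is renegotiated.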
Limitations
Assessment is only valid at a given point in time.
Other vulnerabilities may exist before or after the assessment.
Testers must keep up with newly disclosed vulnerabilities; a finding of "no issues" ages quickly.
Risk of false negatives.
Limited to the scope, location, and methods used.
Different domains or network segments may have different firewall (FW) access rules or security policies, so results from one location do not transfer to another.
Tests specific entities, not the organization's overall security controls.
A vulnerability may exist, but the security controls may limit/block its exploitation.