Concepts

A vulnerability is any potential weakness that can compromise the CIA of a system/info.

  • A potential weakness isn't a problem on its own.

An exploit is something that can potentially be used to exploit the vulnerability.

  • Something that can potentially be used as an exploit isn't a problem on it's own.

A threat is the potential of a vulnerability to be exploited.

  • A hacker exploiting a vulnerability in your system is a threat.

A mitigation technique is something that can protect against threats.

  • Should be implemented everywhere a vulnerability can be exploited: client devices, servers, switches, routers, firewalls, etc.

PreviousWhy Security?NextDenial-of-service Attack

Last updated