Types of Vulnerability Assessment


What is a vulnerability assessment?

A Vulnerability Assessment is a process of systematically reviewing and identifying potential risks and vulnerabilities in a software or information system. These Assessments evaluate whether the system is exposed to threats, assign severity levels to vulnerabilities and even provide solutions for remediation.

These assessments evaluate systems and applications against a range of threats, from phishing attacks and weak or default admin passwords to faulty authentication mechanisms and SQL injection. To get a better understanding of the tests conducted and the scope covered in a Vulnerability Assessment, let us take a deeper look at the different types of Vulnerability Assessments.

Types of vulnerability assessments

1. Wireless Assessment

Wireless Assessments observe various environmental, architectural, and configuration variables that have a direct impact on the security and functionality of your current wireless installation. This includes taking a look at all of your wireless access points and how they are distributed throughout your environment.

This would also include reviewing physical installations like the mounting and orientation of the access points to strengthen the systems and processes. If you are approaching an external provider like us at VISTA InfoSec to conduct your Vulnerability Assessment, we will identify your wireless networks and evaluate wireless security controls, including access management, encryption and authentication functions.

We analyze the strength of wireless encryption schemes and assess the configuration of wireless access points and wireless cards. Such tests involve attempting to identify known and unknown vulnerabilities and then providing recommendations for mitigation.

2. Build Assessment

Build Assessment is the process of analyzing software or application builds for any security or performance bugs. These security gaps may hinder the performance of the application at a later stage. Further, hackers and malware often look for security gaps and weaknesses to exploit and thereby breach the system.

So, a Build Vulnerability Assessment helps streamline a consistent evaluation of your application and system layouts, security system design, and the technology adopted in your current setup. This helps to prevent/control vulnerability build-ups from security or performance bugs. 

3. Web Application Assessment

This type of Assessment identifies security vulnerabilities through front-end automated scans or through dynamic or static analysis of code. It is a method essential for online and cloud-based applications. While Network Vulnerability Scanners scan the web server and its operating system, Web Application Scanners focus on the executing code of the application.

Unlike other vulnerability scans that use a database of known vulnerabilities and misconfigurations, Web application vulnerability scanners are specialized tools that look for common types of web flaws such as cross-site scripting (XSS), SQL injection, command injection, and path traversal. They can find previously unknown vulnerabilities that can be unique to the tested application. This is also known as Dynamic Application Security Testing (DAST) and is often used by penetration testers.

These are used in conjunction with Static Application Security Testing (SAST) tools, which analyze the actual source code of web applications during the development stage, as part of secure development lifecycles (SDLCs). Because of this, it’s common for Web Application vulnerability testing to be integrated into DevOps and QA processes via so-called interactive application security testing (IAST) tools that are complementary to SAST and DAST. This helps identify vulnerabilities and insecure configurations before applications are released into production or use.

4. Database Assessments

The Database Security Assessment is an evaluation process that identifies vulnerabilities or weaknesses in database systems such as Oracle, Microsoft SQL, MySQL, Postgres, etc. The first element of risk is measured by evaluating a database’s susceptibility to a series of known vulnerabilities and attack scenarios.

This vulnerability could be a configuration error, such as the lack of a database password policy; a misconfiguration of critical files such as the listener, or of the audit trail configuration; or a privilege management error, such as public access to a sensitive table.
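The three kinds of finding named above can be checked with read-only catalog queries. The following is an added example, not part of the original article, and it assumes PostgreSQL (one of the databases listed above); password expiry is used here only as one visible indicator of a password policy.

```sql
-- Added example for PostgreSQL: read-only checks using standard catalog views.

-- 1. Privilege management: table privileges granted to PUBLIC.
--    Every role, including newly created ones, inherits these grants.
SELECT table_schema,
       table_name,
       string_agg(privilege_type, ', ' ORDER BY privilege_type) AS public_privileges
FROM information_schema.table_privileges
WHERE grantee = 'PUBLIC'
  AND table_schema NOT IN ('pg_catalog', 'information_schema')
GROUP BY table_schema, table_name
ORDER BY table_schema, table_name;

-- 2. Password policy indicator: login roles that are superusers
--    or whose password has no expiry date set.
SELECT rolname,
       rolsuper,
       (rolvaliduntil IS NULL OR rolvaliduntil = 'infinity') AS password_never_expires
FROM pg_roles
WHERE rolcanlogin
  AND (rolsuper OR rolvaliduntil IS NULL OR rolvaliduntil = 'infinity')
ORDER BY rolsuper DESC, rolname;

-- 3. Audit trail and related configuration: current values of the
--    settings that control connection and statement logging, password
--    hashing, and TLS. Compare the output against your own baseline.
SELECT name, setting
FROM pg_settings
WHERE name IN ('log_connections',
               'log_disconnections',
               'log_statement',
               'logging_collector',
               'password_encryption',
               'ssl')
ORDER BY name;
```

Rows returned by the first query for tables holding sensitive data correspond to the "public access to a sensitive table" case; an empty result for that query is the expected outcome on a hardened database.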

5. Host-based Assessment

Host-based Vulnerability Assessment is an evaluation process that provides a comprehensive insight into the potential internal and external risk exposure and the impact that it can have on business. It is an assessment that performs an in-depth evaluation of systems and networks to identify security weaknesses that need to be addressed.

The assessor scans the system from the security perspective of a user who may have access to the system or network from within the organization. The assessment therefore provides insight into potential insider threats to systems and networks. It helps identify suspicious insider activities and detects intruders who have already infiltrated the system. This way the Host-based Assessment provides an additional level of security that helps prevent internal misuse or external intruders compromising security and accessing information.

6. Secure Configuration Assessment

Assessing risks prevalent within the systems and network of an organization is crucial. Secure Configuration Assessment is an evaluation process that helps identify vulnerabilities in the underlying configuration of your infrastructure. This would include the Firewall/WAF, the adequacy of your DLP security matrix, and the configurations of your routers, switches, servers, VPNs, NAC, mainframes, etc.

The assessment helps identify potential vulnerabilities and misconfigurations in systems and applications that a hacker may exploit to gain access. Overall, the assessment gives an insight into the current security posture while providing a complete overview of access controls, services, and applications running on critical systems, while identifying missing security patches.

7. Mobile Application Assessment

Mobile Application Assessment is a process of examining mobile applications to ensure that they are secure from potential threats. In the assessment, the experts evaluate the defense mechanisms of your applications against known and potential threats by running an assessment of your mobile apps and their APIs. This helps identify vulnerabilities and potential risk exposure in areas such as session management, storage of passwords, or man-in-the-middle attacks.

The security assessment involves performing both dynamic and static mobile security testing methods for evaluation. It is an assessment that includes analyzing security measures, application behavior, and privacy checks. Overall, the assessment helps enhance operational efficiency, reduce risk exposure, implement actionable security measures, address mandatory compliance requirements, and provide assurance that applications are secure from potential threats.

Important takeaways

Vulnerability Assessments should be a prerequisite for both big and small enterprises to ensure the inclusive security of their IT infrastructure. These robust Assessments not only protect firms from malicious cyber-attacks but also help build a credible stance among customers and shareholders.

Your Vulnerability Assessment methodology is influenced by the individual environment of the organization, the unique threats it is facing and its specific security requirements. Regardless of whether you are handling the Vulnerability Assessment with an in-house team or hiring an expert external service provider like us at VISTA InfoSec, the information a Vulnerability Assessment provides is invaluable.

Since the main reason for conducting the Assessment is minimizing the risk of the organization, it needs to be a regular and timely process that takes into account any security threat before it arises and ensures the smooth functioning of your organization.



Narendra Sahoo

Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, and CRISC) is the Founder and Director of VISTA InfoSec, a global Information Security Consulting firm, based in the US, Singapore & India. Mr. Sahoo holds more than 25 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, & Compliance services. VISTA InfoSec specializes in Information Security audit, consulting and certification services which include GDPR, HIPAA, CCPA, NESA, MAS-TRM, PCI DSS Compliance & Audit, PCI PIN, SOC2 Compliance & Audit, PDPA, PDPB to name a few. The company has for years (since 2004) worked with organizations across the globe to address the Regulatory and Information Security challenges in their industry. VISTA InfoSec has been instrumental in helping top multinational companies achieve compliance and secure their IT infrastructure.