// THREAT DETECTION AND DATA PRIVACY TERM

Vulnerability

A vulnerability is a weakness or flaw in a system that can be exploited by an adversary to cause harm. It's like an unlocked door in a secure building, providing a potential entry point for an attack.

TECHNICAL DEFINITION

In cybersecurity and defense, a vulnerability is a quantifiable weakness in a system, software, hardware, or procedure that a threat actor can exploit to compromise the confidentiality, integrity, or availability (CIA triad) of a critical information asset or operational capability.

BACKGROUND

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are used in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans. Modern scanners are typically available as SaaS ; provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.Authenticated scans allow for the scanner to directly access network based assets using remote administrative protocols such as secure shell (SSH) or remote desktop protocol (RDP) and authenticate using provided system credentials. This allows the vulnerability scanner to access low-level data, such as specific services and configuration details of the host operating system. It's then able to provide detailed and accurate information about the operating system and installed software, including configuration issues and missing security patches. Unauthenticated scans is a method that can result in a high number of false positives and is unable to provide detailed information about the asset's operating system and installed software. This method is typically used by threat actors or security analysts trying to determine the security posture of externally accessible assets.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • security flaw
  • weakness
  • exposure
  • security hole
  • attack vector
  • exploit
  • security bug

USAGE NOTE

Vulnerabilities are cataloged with a CVE identifier and scored using CVSS to prioritize patching and defense resources on military and intelligence networks.

DEVELOPERS

Organizations developing technology related to Vulnerability.

  • Tenable

    Creator of the Nessus vulnerability scanner, Tenable provides a cyber exposure platform that helps organizations manage and measure their cyber risk. Their products offer comprehensive vulnerability scanning and management for IT, cloud, OT, and container environments.

  • Qualys

    A provider of cloud-based security and compliance solutions, Qualys offers a platform for Vulnerability Management, Detection and Response (VMDR). It allows organizations to discover, assess, prioritize, and patch critical vulnerabilities in real time across their global hybrid IT landscape.

  • Rapid7

    Known for the Metasploit penetration testing framework, Rapid7 offers a suite of security products including InsightVM for vulnerability management. Their technology helps organizations reduce their attack surface by identifying, prioritizing, and remediating vulnerabilities.

  • Snyk

    A developer-focused security company that builds tools to find and fix vulnerabilities in open source dependencies, container images, and infrastructure as code (IaC). Their technology integrates directly into developer workflows to address security issues early in the development lifecycle.

  • MITRE Corporation

    A not-for-profit organization that manages the Common Vulnerabilities and Exposures (CVE) system. The CVE list provides a standardized identifier for a given vulnerability, which is a foundational technology used across the entire cybersecurity industry for vulnerability tracking and management.

  • CrowdStrike

    While primarily known for endpoint protection, CrowdStrike's Falcon platform includes Falcon Spotlight, a vulnerability management module. It provides real-time vulnerability assessment and visibility without requiring traditional network scans, leveraging the single Falcon agent.

  • Veracode

    Specializes in application security testing (AST). Veracode's platform provides a suite of tools for static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) to identify and help remediate security vulnerabilities within software applications.

  • Palo Alto Networks

    A comprehensive cybersecurity company whose portfolio includes vulnerability management across various domains. Products like Prisma Cloud scan for vulnerabilities in cloud-native applications and workloads, while Cortex Xpanse identifies vulnerabilities on an organization's external attack surface.

RELATED TERMS IN MILITARY & INTELLIGENCE