Vulnerability Identification
Introduction
At its core, identifying system vulnerabilities that may be utilized by a threat actor is an exercise in finding flaws.
What is a flaw?
A flaw, also called a vulnerability or weakness, is a state that, under the right conditions, a threat actor may be able to utilize in an unintended manner. Doing so is known as exploiting a vulnerability.
How do you record a known vulnerability?
| Hostname | Internal Name | External URL | Compliance Contact | Vulnerability | Detected by | Priority | Fix Due Date |
|---|---|---|---|---|---|---|---|
| SOUPRPROD015 | SOUPRPROD015.local | www.fancy.com | tom.anderson | SQLi on sales page | BugBounty2348 | High | Next Quarter |
Wait a minute m'lad'eo, what about unknown vulnerabilities?
This is where asset management, configuration management, and controls come into play.
It is accepted that there are unknown vulnerabilities. From the first moth that caused an error (a bug) to the first piece of tape over the hole of a punch card, mistakes happen. Detecting them is called vulnerability discovery, and detecting those who may be exploiting them is Threat Hunting.
Controls exist to prevent potential flaws from being exploitable. For example, say a particular web application has a SQL injection vulnerability, but the database only processes pre-known procedural queries. The control of procedural queries prevents the successful exploitation of the SQL injection vulnerability.
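The flaw and the control from the SQL injection example above, side by side, as an added example that is not part of the original page. It assumes the "pre-known procedural queries" can be modeled as an allow-list of fixed, parameterized statements; the table, the function names and the sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data: a tiny in-memory "sales" table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sales (customer TEXT, item TEXT)")
    db.executemany(
        "INSERT INTO sales VALUES (?, ?)",
        [("alice", "teapot"), ("bob", "kettle"), ("carol", "mug")],
    )
    return db

def lookup_flawed(db, customer):
    # The flaw: input is concatenated into the SQL text, so the input
    # can change the structure of the query, not just its value.
    sql = "SELECT item FROM sales WHERE customer = '" + customer + "'"
    return [row[0] for row in db.execute(sql)]

# The control (assumed model): the data layer accepts only the *name* of a
# pre-known query. The SQL text is fixed in advance and input is bound
# as a parameter, so it is only ever treated as data.
KNOWN_QUERIES = {
    "items_for_customer": "SELECT item FROM sales WHERE customer = ?",
}

def run_known_query(db, name, params):
    if name not in KNOWN_QUERIES:
        raise PermissionError(f"query {name!r} is not pre-known")
    return [row[0] for row in db.execute(KNOWN_QUERIES[name], params)]

def demo():
    db = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input that alters the WHERE clause
    return {
        "flawed_normal": lookup_flawed(db, "alice"),
        "flawed_crafted": lookup_flawed(db, crafted),
        "controlled_normal": run_known_query(db, "items_for_customer", ("alice",)),
        "controlled_crafted": run_known_query(db, "items_for_customer", (crafted,)),
    }

if __name__ == "__main__":
    for label, rows in demo().items():
        print(f"{label}: {rows}")
```

The flawed lookup still exists in the application, which is why the vulnerability would still be recorded in the table above; the control only determines whether it is exploitable.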