All right, in the last lecture, we talked about the different vulnerability domains and different cybersecurity terms that you should be aware of. In this lecture, we're going to talk about a very common term that most of you must have heard, and that is vulnerability assessment.

A vulnerability assessment is a systematic review of the security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns the security levels to those vulnerabilities, and then recommends the remediation or mitigation, whatever is necessary. In simple words, it is a process of identifying, quantifying and prioritizing the vulnerabilities in a.

Now, why do you need to do a vulnerability assessment? Examples of threats, let's say, that can be prevented by doing such an assessment can be SQL injection or cross-site scripting or code injection attacks. If you are completely new to these terms, I would say do not worry, because in the later part of the course, we are going to see all of these terms again. If there are any threats related to escalation of privileges due to faulty authentication mechanisms, even that can be identified with the help of a vulnerability assessment.

So vulnerability assessments are typically performed in the following steps.

First, the vulnerability assessor. Now, who is a vulnerability assessor? Obviously the person who has a good knowledge of hacking. So he is a hacker, right? But is he or she a bad hacker? No, the person who performs an assessment is known as a penetration tester or ethical hacker.

So first is cataloging the assets and capabilities in a system. What other resources are present in the system? Which resources are more vulnerable to the outside world? All these things are first noted down.

Then the vulnerability assessor assigns a quantifiable value and importance to those resources. For example, identities of users is top most important, right? Whereas a file which can be obtained, let's say a free PDF file which can be obtained through three or four travels on the website, is not that important because it is already available on the Internet for free. So in such cases, the quantifiable value is assigned to various resources.

The next step is the penetration tester or the ethical hacker identifies the vulnerabilities or the potential threats to each of the resources.

Now, the security scanning process consists of four basic steps. First is testing, second is analysis, third is assessment, and fourth is remediation. That is mitigating or eliminating the most serious vulnerabilities for the most valuable resources first.

Now, when it comes to vulnerability identification, the objective of this step is to draft a comprehensive list of all the application's security vulnerabilities. Security analysts test the security health of the applications, servers or other systems by scanning them with the automated tools that are already available in the market.

Next is vulnerability analysis. The objective of the vulnerability analysis step is to identify the source and the root cause of vulnerabilities. For example, if you do not eliminate a cause from its root, obviously there are going to be consequences even after removing some part of the vulnerability.

And the third step is risk assessment. The objective of risk assessment is to prioritize the vulnerabilities. As I said, assigning the quantifiable value comes under risk assessment.

The next step is remediation, which is the fourth step here. The objective of this step is the closing of security gaps. It's typically a joint effort by the security staff of the organization, the development and the operations team, who determine the most effective path for the remediation and mitigation of each vulnerability. It can include the introduction of new security procedures, implementing new security measures, and introducing the staff to the new security tools in the market. It can also include adoption of all the operational packages and patches and development and implementation of a vulnerability patch.

So vulnerability assessment cannot be a one-off activity. It's not like you can do the activity once in a year and the rest of the year is your risk. It's not like that. Organizations who really care about their assets carry out vulnerability assessments at least once a month.

Now, there are some organizations which have in-house vulnerability assessment and there are some organizations who hire people to do the job for them. For example, let's say you have a company whose main focus is to provide IT service management facilities like development and, you know, developing more applications, databases, etc. Now, for them, it is not necessary to have in-built penetration testing or vulnerability assessment stuff. So what they do is they hire ethical hackers and carry out the vulnerability assessment either for the clients or for their own database. But if a company is large enough, let's say, like Amazon or even Oracle, they have their own security department in which these analysts are working day and night to prevent such vulnerabilities.

So in this case, it is the process of identifying the risks and the vulnerabilities in the computers in the network and other parts of the IT ecosystem.

Now, one of the most important questions is why these assessments are important, or should organizations really focus much time on these assessments? The answer to this question is obviously yes. Early and consistent identification of the threats and the weaknesses in the security will obviously help the organization in patching those vulnerabilities instead of getting them exploited. And most cybersecurity compliance and regulatory needs are satisfied when these assessments are made.

In this way, vulnerability assessments are carried out, and even during security audits, the auditors ask for this report. So if you are working in an organization in the security department, make sure that the organization carries out vulnerability assessments and takes this very seriously.

Now, the reason behind most of the data breaches is that many organizations ignore the monthly vulnerability assessments. Some organizations do it biyearly, that is two times in a year, or quarterly. But according to many security consultants and experts, vulnerability assessment is a regular process. It is not a one-time process. So every month there must be at least one vulnerability assessment of the organization.

So on this note, we'll end this lecture. In the next lecture, we'll talk about the importance of vulnerability assessment. Although I have explained to you the importance of vulnerability assessment in this lecture, in the next lecture we'll see it in much more detail. All right. Keep the momentum going. I will see you in the next lecture.