Security Scanning is not Risk Analysis

Tuesday, 16 July 2002, 2:18 AM EST

A good security vulnerability assessment service will deliver a comprehensive report that includes detailed information about what exploits and possible threats your systems and networks are vulnerable to, and will rank these exploits and threats according to their risk levels. It should also include information about the exploits and threats, specifically naming them and describing how they work, and also provide recommendations for mitigating actions.

A risk analysis, in the classical sense, is a process that an organization goes through to determine their risk exposure. Risk is the possibility that damage could happen to a business or organization. The goal of a risk analysis is to determine the probability of potential risks, in order to integrate financial objectives with security objectives.

[ Read more ]




Spotlight

Compromised cPanel "Account Suspended" pages redirect to exploit kit

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Feb 27th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //