The first step of a vulnerability assessment is a comprehensive real-time inventory of IT assets. The vulnerability scanning program must have visibility into the complete inventory, as it’s critical in assessing cyber risk exposure.
The second step of a vulnerability assessment is the vulnerability scan itself by an automated application. The scanner identifies and prioritizes vulnerabilities known within the system, and reports them.
Then security teams are able to make a risk assessment. They may do additional penetration testing to understand the potential exposure better or simply make a plan for remediation according to the incident response plan.
41 Madison Avenue, 37th Floor
New York, NY 10010
