Hand in hand with threat assessment is the skill of vulnerability assessment. Vulnerability assessment is part of the basic definition of the work of any cybersecurity personnel. The skill is used to actively seek threats that may exist in computer systems and networks. Cybersecurity experts are expected to know how to identify vulnerabilities and determine their chances of being exploited. There are several tools and techniques that can be used for detecting vulnerabilities. People seeking to start careers in this field should learn how to use these tools and how to implement some techniques. An example of a tool that can be used for vulnerability assessment is Nmap since it can scan networks to identify the connected devices and also scan the devices to identify their open ports, which can be exploited. However, Nmap uses a command-line interface, and so you have to learn how to issue the different scan commands using it. Code review is a common technique for identifying vulnerabilities where the expert can tell whether the code that's used in systems can fall to attacks. For instance, a cybersecurity professional should be able to tell whether the code for a login page can fall to SQL injection or cross-site scripting attacks. They can do this by verifying whether all inputs are validated before they are processed.