In the previous chapter, we learned about various aspects of IT security infrastructure, including monitoring and responding to incidents, threat detection, and diverting attackers.
In today's digital world, information is accessed, stored, and transferred electronically. The security of this information and of the systems storing it is critical to companies' reputations, as well as to providing a better user experience. Consequently, analyzing and remediating vulnerabilities in IT infrastructure have become the most important tasks for any security expert, system admin, or network administrator. Even if an organization has a well-managed security infrastructure in place, such as a firewall, antivirus, and an intrusion detection system, an attacker can still gain unauthorized access by exploiting vulnerabilities. In the context of software security, vulnerabilities are specific flaws or oversights in a piece of software that can be exploited by attackers. Using an assessment methodology, we will focus on security functions and security evaluations in this chapter.
We are going to cover the following topics in this chapter:
- Infrastructure concerns
- Nessus installation and vulnerability assessment methodology
- Sample report