Vulnerability assessment can be divided broadly into two major groups:
- Network-based assessment
- Host-based assessment
For maximum effectiveness and security, both of the vulnerability assessments mentioned above are required. This is because vulnerabilities can be exploited by an insider, a legitimate user, bad guys outside of the perimeter or an unauthorized user.