SlideShare a Scribd company logo

A Study on Vulnerability Management

IRJET Journal
IRJET Journal

https://www.irjet.net/archives/V9/i7/IRJET-V9I7455.pdf

1 of 5
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2497 A Study on Vulnerability Management Piyush Somani1, Poornima Kulkarni2 1Student, Department of Information Science and Engineering, RV College of Engineering, Bangalore, India 2 Assistant Professor, Department of Information Science Engineering, RV College of Engineering, Bangalore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Vulnerability Management is a pervasive problem in the development of any codebase. In the basic terms conceivable, a cyber vulnerability is any inaccuracy, shortcoming, or defect in an information system, internal control systems, or system processes of an organisation. It might be referred to as an imperfection or deficiency in the architecture of the code base which produces application malfunctions. Accordingly, it is important to implement a robust vulnerability management measure to avoid widespread assaults or even to mitigatethedamageinflicted by a cyberattack. In this work, a VulnerabilitiesManagement System (VMS) solution is proposed. Key Words: Software vulnerabilities, vulnerability management, vulnerability database, and vulnerability management system 1. INTRODUCTION Presently, firmware which governs an electronic device's operation are incorporated through every electrical appliance. Those application programs, developed by various engineers with such a smaller percentage of code, might well be enormously complicated and yet are later shown in a comprehensive technology program or project. Almost majority of cases, application software errors are caused from lingering problems or vulnerabilities insidethe code that can generate unforeseen consequences. The computer program is vulnerable to the impact of this flaw inside the programming language. Software vulnerabilities therefore are discovered in application softwareorsoftware platforms that also have unresolved issues, flaws, or vulnerabilities. Eventually, such program vulnerability provides a good example of the a point of entry into a software platform, which can cause significant harm to the system, that both computer hosting the software as well as the device associated towards the infected system Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. that both the computer hosting the software as well as the device associated with the infected system. Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. A hacker continually aims to break into the a system and acquire credentials that would give them access to sensitive data or resources. A cyberattack potentially lead to significant financial destruction, damage to someone's character, including loss of irreplaceable information. If this programming structure is subjected to penetration testers, then susceptibility areas must be detected. Figure 1 depicts a brief overview of vulnerability management has to be implemented. Fig 1. A Brief Overview of Vulnerability Management 1.1 Sub Heading 1 2. RELATED WORK This section focuses on research which has already been conducted. The existing work will serve as a foundation for something like the construction of a new vulnerable management system featuring advanced benefits. The author in [1] providesa novel vulnerabilitymanagement solution, known as the Software Vulnerability Integrated Management System (SV-IMS), has indeed been introduced by that of the authors in this study. That program can operate security screening to identify program weaknesses, as well as the outcomes of these kinds of tests could be seen on a different platform. Furthermore, it specifies the Popularly Known Scoring Scheme , a worldwide ratings system that evaluates the gravity of bugs.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2498 The author in [2] describesSpringBootwhichisa java-based framework for building web and enterpriseapplicationsand how it provides the flexibility for service-oriented architecture (SOA). As a result, this paper suggests that the SOA based REST API using Spring Boot Framework has definite advantages over other spring-based frameworks. The author in [3] highlights the necessity of accurate and comprehensive information being provided in bug reports intended to assist inside the quicker response of errors. Nevertheless, following multiple cyclesofinteractionamong correspondents and programmers, relevant information frequently trickles to developers. Inefficient debugging methods are partially to blame for the prolonged information sharing. By recommending four main routesfor improvements, it tackles the issues with bug tracking systems. It also exhibits a proof-of-concept interactive bug tracking system that asks users for pertinent information and identifies files that need to be updated in order to remedy the fault. In [4] this research study, the author discusses Common Vulnerability Exposure (CVE) and Common Security Vulnerabilities Languages, two global, community-based efforts involving business, the public sector, and research. Although OVAL seeks to provide enough methods for comprehensive vulnerability analysis as well as result in standardized reporting information security standards for networks, CVE determines the best method for generating vulnerability notifications increasingly appropriate to different organisations. The authors in [5] describe thetoolsforprojectmanagement and issues/bugs tracking that are becoming useful for governing the development process of Open Source software. Such tools simplify the communications process among developers and ensurethescalabilityofa project.The more information developers are able to exchange, the clearer are the goals, and the higher is the number of developers keen on joining and actively collaborating on a project. The author [6] established a method that made use of a learning algorithm and depth of knowledge. Through using this, the cyber risk management identifies, assesses, and negates the problem automatically. Challenges, security risks, reputational harm, and Economic loss all are minimized by the proposed approach. The author in [7] provides information in order to identify the vulnerabilities for injection attacks, the author of this research has created an automated vulnerability scanner. The webpage is continuously analysed by this system for Cross - site request and Sql injectionattacks.TheNationwide Vulnerable Database, or Dynamic model, is also another component of the proposed system. The author in [8] provides data by building a vulnerability database, the author of this research study has developed a new technique for creating and managing vulnerabilities. A new National Vulnerability Dataset (NDV) platform may be used by different companies in this proposed study.A recently found bug could also be registered inside theNeeds to request database while still being referred to. In [9] the SCADA system's vulnerability is evaluated to use a paradigm that this researcher has developed in risk assessments. Three levels are engaged in this: Technology, Circumstances, and gateways. The systems with such a gateway and credential patterns serves as a foundation for this architecture. Overall impact of the operation is also analysed using the proposed framework, and countermeasures for strengthening computer security are developed. The author in [10] implies implementing a risk database management system. The use of security devices could be extended upon and using this online system. The architecture of the weaknesses information and indeed the technique for generating the problems information are presented in this research. 3. METHODOLOGY The objective of the vulnerabilities control system is to identify and evaluate any application software problems. The morphological inspection and static analysisareusedto conduct this assessment. Every weakness discoveredwill be reviewed, maintained in the VMS database, and tested if any software application is tested utilising the planned VMS technology. If indeed the identified exposure is a product, it can be registered in the VMS repository after already being evaluated either by various agencies. Comparable to the Appeared As early Points System, the Risk Monitoring System would not only discover the weaknessbutitwill also assess or rank its intensity. Fig 2. A Brief Overview of Scanning of Vulnerability Management System
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2499 A bug scanner, a process control platform,anda data storage comprise three main parts of the vulnerability management system. A bug scanner will have an unique interfaceitisonly for and has a variety of functional characteristics. Any member of a product's security teamcanusethisinterface to advise the scanner here about how to continue withthenext step. The computational system will analyse the computer user's code and binaries. Automatically selected procedures would be used to conduct this evaluation. Any weaknesses identified during the technology manufacturer's testing phase would be recorded in the database. Figure 2 depicts the use of the scanner. All previously unknown weaknesses would be recorded in the repository. Data processing is categorized into 4 main phases, comprisingfindingvulnerabilities,evaluatingvulnerabilities, resolving vulnerabilities, and disclosing vulnerabilities, throughout order to increase the effectiveness of scanning. Figure 3 depicts the four phases of the data processing. Fig 3. The four phases of the data processing. A. Finding Vulnerabilities The detection of risk is the most pivotal point in a Vulnerability Management system. The flaws in the evaluated software package would be disclosedasa resultof this process. Any open ports and functions that really are existent in the software programme would be scanned and recognized during this process. That information would be utilized to just provide summaries, statistics,aswell asother attributes. B. Evaluating Vulnerabilities The computer algorithm will have to evaluate all the risks once they've been identified and properly handled. Furthermore, overall intensity of the identified weakness will be evaluated in this phase, as well as the high transformation would beratedorassessed.Theorganization needs to determine how and where to highlight the identified issues that use these exposure ratings. C. Resolving Vulnerabilities It's essential to address risks after grading issues and prioritising many who were identified. The computer programmer of a tested application would be available seeing the weaknesses identified during this procedure. After that, the programmer has three alternatives regarding addressing the issue: rectification, abatement,andadoption. D. Disclosing Vulnerability The speed and agility of detecting and preventing computer products will increase with using risk managementsystems. Throughout this operation, a statement knownasa software agency's scan test will indeed be created. A visual representation using several variables, including such risk scoring, etc., would be accessiblewiththeVMSsystem.Every user also may raise a ticket at this point to accelerate the sharing of the comprehensive study or data 4.IMPROVING VMS SYSTEM The complete details in the first vulnerability report, or as soon as possible, aid programmersinresolvingtheissue fast. This work aims at enhancing vulnerability scanningsystems with the intent of creating vulnerability reports increasingly comprehensive. Researchers are particularly consisting of four ways to enhance vulnerability scanning systems. A. Equipment Based Vulnerability scanning processor architectures' characteristics are augmented with equipment based enhancements. Those that can help alleviate the hardship of knowledge storage and distribution. Vulnerability scanning processes, for instance, can be designed to automatically pinpoint the pertinent automatically send as well asaddthis to an user query. Besides that, having provided stages to produce offspring can indeed be done by machines through using acquisition techniques ormeta;actual behaviourcould be easily proved by standardising screen grab; and possible solutions can indeed be automatically generated. Every one of the case studies above are intended to assist inside the collection of information required by dev’s to identify vulnerabilities. B. Knowledge Based The material becoming supplied by the reporters is the immediate priorityoftheseimprovements.Technologieslike Cedilla , that provide real-time assessment on the value of the evidence provided and what can be added to maximize
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2500 value, can be implemented into vulnerability systems. Reporters may be encouraged above and beyond andcollect more data if indeed the system gives helpful recommendations. Technologies could be further modified to perform out assessmentmethods,includingsuchverifying that supplied modifications are acceptable as well as the reported stack tracing is accurate and consistent C. Technique Based Technique-centric enhancements to vulnerability management systems concentrate on coordinating adware efforts. Selecting whichever worker will fix a bug, for example, could be mechanized to accelerate the process. Additional instances involve giving users an advance approximation of that when their issue wouldberesolved or create and encourage of something like the advancement achieved on event logs (so that reportsareknowledgeableof the ways of responding to their efforts). D. User Based Reporters and programmers are both included in this. Reporters can understand what to do togetmaterial orwhat to provide. Engineers also can benefit from similar requirements on what characteristics to expect in reports and use this information to resolve bugs. 5. ADVANTAGES Some of the proposed benefits of the Vulnerability Management systems are envisioned as follows: A. Increased Security Software that has security weaknesses give hackers a way into the computer network. Finding these vulnerabilities is essential for protecting all assets and corporate data. Following that, these problems are rated for severity and given a priority. The evaluated report aids in fixing IT asset weaknesses and shielding them from cyber-attacks that might expose the network to security risks. Furthermore, IT security professionals are able to locate vulnerabilities remotely without being present physically in the computer environment. They can manage high-risk problems with the least amount of IT resources thanks to it.Figure4depictsthe increase in security of data. Fig 4. An example of increased security B. Operational Efficiency IT security professionals may remedy the most serious IT security concerns immediately and deal with the lesserones afterwards with the review of the vulnerability list. The uncertainty during the clean-up process is eliminated if the effect of the potential dangers to the business is identified. Additionally, organisations may remotely automate and manage vulnerabilities. As a consequence, it saves time and improves operational efficiency by lessening the burden of owning and maintaining hardwareandsoftwareupgrades.A thorough vulnerability management solution significantly reduces the work required by the security team. To reduce the likelihood of cyberattacks and improve the security posture, limited IT resources will be needed. C. Far Less Expensive No matter what kind of digital marketing strategy your business is involved in, overcrowding will always be an obstacle to success. Competing against a large marketing budget no longer has to play a factor in the ability to achieve success. It is a very good marketing platform related to marketing and anyone can do it! Paid ads quickly shut down small businesses that companies can afford. D. Visibility and Reporting The visibility of the security teams would suffer if the vulnerability reports are manually compiled across hundreds of assets. It is challenging to display the vulnerability data from one scan to another using conventional methodologies. Consequently, it is imperative to have a complete vulnerability management system with an operational dashboard. It provides a security flaw's severity rating, charts, solutions recommendations, and creates personalised reports, all of which assist in establishing a strong case for new security activities. An IT team may then secure their computer environment with better-informed security decisions. Additionally, they may begin the remedy process immediately following each report. It helps teams operate more efficiently, lessens team fatigue, and takes the guesswork out of things. 6. CONCLUSIONS The research introduced the Vulnerability Management System (VMS), which will identify and report a software product's vulnerabilities. We will researchthecurrentthreat detection model and evaluate its effectiveness and speed of detection. Afterwards, we'll trytocreatea model thatmodels outcomes greater rapidly, correctly, and efficiently. The improvised model also will determine the severity of an impact a weakness will have on the system, helping in prioritising vulnerabilities. Existing vulnerability management systems do not adequately extract all of the necessary information by
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2501 designers. Users believe vulnerability scanningtechnologies must be upgraded to efficiently obtain data because without it, developers can easily fix errors. The study postulates five main areas for improvement. It may be preferable to make a series of changes from some of these categories, problem tracking systems may also want to specialise, giving a wide variety of choices. In comparison to existing scenarios, where they all offer the same functionality, this would be a welcome improvement. Researchers also defined an online system of collecting data from reports and utilising that tool to determine the error's source as an example of the kind of enhancements we support. Researchers ran a preliminary analysis wherein the researchers mimicked a dynamic bug monitoring system in order to demonstratetheusefulnessof that kind of proposal. In order to obtain relevant data about the defect immediately on and recommend prospective documents that need to be fixed, the system prompts the user situationally questions. This one will definitely speed the vulnerability process. Inside, we will develop from the dynamic system's current prototypes to a complete system which can manage a range of information gathering, as is commonly seen in the real world.. REFERENCES [1] Madalina Aldea, Daniel Georgica, Victor Croitoru, “Software Vulnerabilities Integrated Management System”, 2020 13th International Conference on Communications (COMM), IEEE, 2020: pp. 97 - 102, doi: 10.1109/COMM48946.2020.9141970 [2] K. Guntupally, R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Centre Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [3] GeonLyang Kim, JinTae Oh, DongI Seo, JeongNyeo Kim, “The Design of Vulnerability Management System”, International Research Journal of Engineering and Technology (IRJET)e-ISSN:2395-0056Volume:08Issue: 11 | Nov 2021 www.irjet.net p-ISSN: 2395-0072©2021, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 28IJCSNSInternational Journal of Computer Science and Network Security, VOL.13 No.4, April 2013: pp. 19 – 24 [4] Manoj Kumar, Arun Sharma, “An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system”, Indian Academy of Sciences Sadhana Vol. 42, No. 9, September 2017, pp. 1481–1493, doi: 10.1007/s12046-017-0696-7 [5] Chee-Wooi Ten, Chen-Ching Liu, Govindarasu Manimaran, “Vulnerability Assessment of Cybersecurity for SCADA Systems”, IEEE Transactions on Power Systems, Vol. 23, no. 4, November 2008, pp. 1836-1846, doi: 10.1109/TPWRS.2008.2002298.ff [6] Y. Jin, Z. Lin and H. Lin, "The Research of Search Engine Based on Semantic Web," 2020International Symposium on Intelligent Information Technology Application Workshops, 2020, pp. 360-363, doi: 10.1109/IITA.Workshops.2020.193. [7] Armold; Hyla, Rowe, “Automatically Building an Information-Security VulnerabilityDatabase”,2006IEEE Information Assurance Workshop”, 21-23 June2006, pp. 376-377, doi: 10.1109/IAW.2006.1652119 [8] Andrey Fedorchenko, Igor Kotenko, Andrey Chechulin, “Design of Integrated Vulnerabilities Database for Computer Networks Security Analysis”, 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, 4-6 March 2015, pp. 559-566, doi: 10.1109/PDP.2015.38 [9] M. Rajaram and S. L. S. Vadivu, "Web caching in Semantic Web based multiple search engines," 2010 IEEE International Conference on Computational Intelligence and Computing Research, 2019, pp. 1-7, doi: 10.1109/ICCIC.2019.5705850. [10] Ching-Huang Lin, Chih-Hao Chen, Chi-Sung Laih, “A Study and Implementation of Vulnerability Assessment and Misconfiguration Detection”, 2008 IEEE Asia-Pacific Services Computing Conference, 9-12 Dec. 2008, pp. 1252-1257, doi: 10.1109/APSCC.2008.212 [11] Jan-Min Chen, Chia-Lun Wu, “An automated vulnerability scanner for injection attack based on injection point”, 2010 International Computer Symposium (ICS 2010), 16-18 Dec. 2010, pp. 113 – 118, doi: 10.1109/COMPSYM.2010.5685537 Computational Intelligence and Computing Research, 2020, pp. 1-7, doi: 10.1109/ICCIC.2020.5705850. [12] W. Xiaoyin, Z. Lu, X. Tao, J. Anvik and J. Sun, "An approach to detectingduplicatebugreportsusingnatural language and execution information", Proceedings of International Conference on Software Engineering,2019 [13] R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Center Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [14] Qing L, Boyu Z, Jinhua W, Qin Qian L. Research “on key technology of network security situation awareness of private cloud in enterprises”, IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA),2019 [15] Kumar R, Kumar P. “Special issue on recent trends in artificial intelligence techniques for fault-tolerance, reliability and availability in mission-critical networks. Recent Adv Comput Sci Commun”. 20205.

Recommended

Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
IRJET Journal
 
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureVulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET Journal
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability Assessment
VESIT/University of Mumbai
 
IRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing Suite
IRJET Journal
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
IRJET Journal
 
IRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability ScanIRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability Scan
IRJET Journal
 
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET Journal
 
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
IOSR Journals
 

Recommended

Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
IRJET Journal
 
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureVulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET Journal
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability Assessment
VESIT/University of Mumbai
 
IRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing Suite
IRJET Journal
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
IRJET Journal
 
IRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability ScanIRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability Scan
IRJET Journal
 
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET Journal
 
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
IOSR Journals
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
iosrjce
 
F017652530
F017652530F017652530
F017652530
IOSR Journals
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET Journal
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
Ihor Uzhvenko
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
IRJET Journal
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
EECJOURNAL
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
IJERD Editor
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
IRJET Journal
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
IRJET Journal
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
IRJET Journal
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
IRJET Journal
 
J034057065
J034057065J034057065
J034057065
ijceronline
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
YogeshIJTSRD
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
IRJET Journal
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
theijes
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperTawnia Beckwith
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
ijseajournal
 
Developing software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth modelDeveloping software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth modelIAEME Publication
 
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
 

More Related Content

Similar to A Study on Vulnerability Management

IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
iosrjce
 
F017652530
F017652530F017652530
F017652530
IOSR Journals
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET Journal
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
Ihor Uzhvenko
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
IRJET Journal
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
EECJOURNAL
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
IJERD Editor
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
IRJET Journal
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
IRJET Journal
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
IRJET Journal
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
IRJET Journal
 
J034057065
J034057065J034057065
J034057065
ijceronline
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
YogeshIJTSRD
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
IRJET Journal
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
theijes
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperTawnia Beckwith
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
ijseajournal
 
Developing software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth modelDeveloping software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth modelIAEME Publication
 

Similar to A Study on Vulnerability Management (20)

IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
 
F017652530
F017652530F017652530
F017652530
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
 
J034057065
J034057065J034057065
J034057065
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
 
Developing software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth modelDeveloping software analyzers tool using software reliability growth model
Developing software analyzers tool using software reliability growth model
 

More from IRJET Journal

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
IRJET Journal
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
IRJET Journal
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
IRJET Journal
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
IRJET Journal
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
IRJET Journal
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
IRJET Journal
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
IRJET Journal
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
IRJET Journal
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
IRJET Journal
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
IRJET Journal
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
IRJET Journal
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
IRJET Journal
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
IRJET Journal
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
IRJET Journal
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
IRJET Journal
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
IRJET Journal
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
IRJET Journal
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
IRJET Journal
 

More from IRJET Journal (20)

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
 

Recently uploaded

一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
block diagram and signal flow graph representation
block diagram and signal flow graph representationblock diagram and signal flow graph representation
block diagram and signal flow graph representation
Divya Somashekar
 
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSETECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
DuvanRamosGarzon1
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
Kamal Acharya
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
MdTanvirMahtab2
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.ppt
ssuser9bd3ba
 
The role of big data in decision making.
The role of big data in decision making.The role of big data in decision making.
The role of big data in decision making.
ankuprajapati0525
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
R&R Consult
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
Kamal Acharya
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
ViniHema
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdfH.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
MLILAB
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
AafreenAbuthahir2
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
Pratik Pawar
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
gerogepatton
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
karthi keyan
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
road safety engineering r s e unit 3.pdf
road safety engineering r s e unit 3.pdfroad safety engineering r s e unit 3.pdf
road safety engineering r s e unit 3.pdf
VENKATESHvenky89705
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 

Recently uploaded (20)

一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
block diagram and signal flow graph representation
block diagram and signal flow graph representationblock diagram and signal flow graph representation
block diagram and signal flow graph representation
 
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSETECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSE
 
Automobile Management System Project Report.pdf
Automobile Management System Project Report.pdfAutomobile Management System Project Report.pdf
Automobile Management System Project Report.pdf
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
 
LIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.pptLIGA(E)11111111111111111111111111111111111111111.ppt
LIGA(E)11111111111111111111111111111111111111111.ppt
 
The role of big data in decision making.
The role of big data in decision making.The role of big data in decision making.
The role of big data in decision making.
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdfH.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
road safety engineering r s e unit 3.pdf
road safety engineering r s e unit 3.pdfroad safety engineering r s e unit 3.pdf
road safety engineering r s e unit 3.pdf
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 

A Study on Vulnerability Management

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2497 A Study on Vulnerability Management Piyush Somani1, Poornima Kulkarni2 1Student, Department of Information Science and Engineering, RV College of Engineering, Bangalore, India 2 Assistant Professor, Department of Information Science Engineering, RV College of Engineering, Bangalore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Vulnerability Management is a pervasive problem in the development of any codebase. In the basic terms conceivable, a cyber vulnerability is any inaccuracy, shortcoming, or defect in an information system, internal control systems, or system processes of an organisation. It might be referred to as an imperfection or deficiency in the architecture of the code base which produces application malfunctions. Accordingly, it is important to implement a robust vulnerability management measure to avoid widespread assaults or even to mitigatethedamageinflicted by a cyberattack. In this work, a VulnerabilitiesManagement System (VMS) solution is proposed. Key Words: Software vulnerabilities, vulnerability management, vulnerability database, and vulnerability management system 1. INTRODUCTION Presently, firmware which governs an electronic device's operation are incorporated through every electrical appliance. Those application programs, developed by various engineers with such a smaller percentage of code, might well be enormously complicated and yet are later shown in a comprehensive technology program or project. Almost majority of cases, application software errors are caused from lingering problems or vulnerabilities insidethe code that can generate unforeseen consequences. The computer program is vulnerable to the impact of this flaw inside the programming language. Software vulnerabilities therefore are discovered in application softwareorsoftware platforms that also have unresolved issues, flaws, or vulnerabilities. Eventually, such program vulnerability provides a good example of the a point of entry into a software platform, which can cause significant harm to the system, that both computer hosting the software as well as the device associated towards the infected system Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. that both the computer hosting the software as well as the device associated with the infected system. Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. A hacker continually aims to break into the a system and acquire credentials that would give them access to sensitive data or resources. A cyberattack potentially lead to significant financial destruction, damage to someone's character, including loss of irreplaceable information. If this programming structure is subjected to penetration testers, then susceptibility areas must be detected. Figure 1 depicts a brief overview of vulnerability management has to be implemented. Fig 1. A Brief Overview of Vulnerability Management 1.1 Sub Heading 1 2. RELATED WORK This section focuses on research which has already been conducted. The existing work will serve as a foundation for something like the construction of a new vulnerable management system featuring advanced benefits. The author in [1] providesa novel vulnerabilitymanagement solution, known as the Software Vulnerability Integrated Management System (SV-IMS), has indeed been introduced by that of the authors in this study. That program can operate security screening to identify program weaknesses, as well as the outcomes of these kinds of tests could be seen on a different platform. Furthermore, it specifies the Popularly Known Scoring Scheme , a worldwide ratings system that evaluates the gravity of bugs.
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2498 The author in [2] describesSpringBootwhichisa java-based framework for building web and enterpriseapplicationsand how it provides the flexibility for service-oriented architecture (SOA). As a result, this paper suggests that the SOA based REST API using Spring Boot Framework has definite advantages over other spring-based frameworks. The author in [3] highlights the necessity of accurate and comprehensive information being provided in bug reports intended to assist inside the quicker response of errors. Nevertheless, following multiple cyclesofinteractionamong correspondents and programmers, relevant information frequently trickles to developers. Inefficient debugging methods are partially to blame for the prolonged information sharing. By recommending four main routesfor improvements, it tackles the issues with bug tracking systems. It also exhibits a proof-of-concept interactive bug tracking system that asks users for pertinent information and identifies files that need to be updated in order to remedy the fault. In [4] this research study, the author discusses Common Vulnerability Exposure (CVE) and Common Security Vulnerabilities Languages, two global, community-based efforts involving business, the public sector, and research. Although OVAL seeks to provide enough methods for comprehensive vulnerability analysis as well as result in standardized reporting information security standards for networks, CVE determines the best method for generating vulnerability notifications increasingly appropriate to different organisations. The authors in [5] describe thetoolsforprojectmanagement and issues/bugs tracking that are becoming useful for governing the development process of Open Source software. Such tools simplify the communications process among developers and ensurethescalabilityofa project.The more information developers are able to exchange, the clearer are the goals, and the higher is the number of developers keen on joining and actively collaborating on a project. The author [6] established a method that made use of a learning algorithm and depth of knowledge. Through using this, the cyber risk management identifies, assesses, and negates the problem automatically. Challenges, security risks, reputational harm, and Economic loss all are minimized by the proposed approach. The author in [7] provides information in order to identify the vulnerabilities for injection attacks, the author of this research has created an automated vulnerability scanner. The webpage is continuously analysed by this system for Cross - site request and Sql injectionattacks.TheNationwide Vulnerable Database, or Dynamic model, is also another component of the proposed system. The author in [8] provides data by building a vulnerability database, the author of this research study has developed a new technique for creating and managing vulnerabilities. A new National Vulnerability Dataset (NDV) platform may be used by different companies in this proposed study.A recently found bug could also be registered inside theNeeds to request database while still being referred to. In [9] the SCADA system's vulnerability is evaluated to use a paradigm that this researcher has developed in risk assessments. Three levels are engaged in this: Technology, Circumstances, and gateways. The systems with such a gateway and credential patterns serves as a foundation for this architecture. Overall impact of the operation is also analysed using the proposed framework, and countermeasures for strengthening computer security are developed. The author in [10] implies implementing a risk database management system. The use of security devices could be extended upon and using this online system. The architecture of the weaknesses information and indeed the technique for generating the problems information are presented in this research. 3. METHODOLOGY The objective of the vulnerabilities control system is to identify and evaluate any application software problems. The morphological inspection and static analysisareusedto conduct this assessment. Every weakness discoveredwill be reviewed, maintained in the VMS database, and tested if any software application is tested utilising the planned VMS technology. If indeed the identified exposure is a product, it can be registered in the VMS repository after already being evaluated either by various agencies. Comparable to the Appeared As early Points System, the Risk Monitoring System would not only discover the weaknessbutitwill also assess or rank its intensity. Fig 2. A Brief Overview of Scanning of Vulnerability Management System
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2499 A bug scanner, a process control platform,anda data storage comprise three main parts of the vulnerability management system. A bug scanner will have an unique interfaceitisonly for and has a variety of functional characteristics. Any member of a product's security teamcanusethisinterface to advise the scanner here about how to continue withthenext step. The computational system will analyse the computer user's code and binaries. Automatically selected procedures would be used to conduct this evaluation. Any weaknesses identified during the technology manufacturer's testing phase would be recorded in the database. Figure 2 depicts the use of the scanner. All previously unknown weaknesses would be recorded in the repository. Data processing is categorized into 4 main phases, comprisingfindingvulnerabilities,evaluatingvulnerabilities, resolving vulnerabilities, and disclosing vulnerabilities, throughout order to increase the effectiveness of scanning. Figure 3 depicts the four phases of the data processing. Fig 3. The four phases of the data processing. A. Finding Vulnerabilities The detection of risk is the most pivotal point in a Vulnerability Management system. The flaws in the evaluated software package would be disclosedasa resultof this process. Any open ports and functions that really are existent in the software programme would be scanned and recognized during this process. That information would be utilized to just provide summaries, statistics,aswell asother attributes. B. Evaluating Vulnerabilities The computer algorithm will have to evaluate all the risks once they've been identified and properly handled. Furthermore, overall intensity of the identified weakness will be evaluated in this phase, as well as the high transformation would beratedorassessed.Theorganization needs to determine how and where to highlight the identified issues that use these exposure ratings. C. Resolving Vulnerabilities It's essential to address risks after grading issues and prioritising many who were identified. The computer programmer of a tested application would be available seeing the weaknesses identified during this procedure. After that, the programmer has three alternatives regarding addressing the issue: rectification, abatement,andadoption. D. Disclosing Vulnerability The speed and agility of detecting and preventing computer products will increase with using risk managementsystems. Throughout this operation, a statement knownasa software agency's scan test will indeed be created. A visual representation using several variables, including such risk scoring, etc., would be accessiblewiththeVMSsystem.Every user also may raise a ticket at this point to accelerate the sharing of the comprehensive study or data 4.IMPROVING VMS SYSTEM The complete details in the first vulnerability report, or as soon as possible, aid programmersinresolvingtheissue fast. This work aims at enhancing vulnerability scanningsystems with the intent of creating vulnerability reports increasingly comprehensive. Researchers are particularly consisting of four ways to enhance vulnerability scanning systems. A. Equipment Based Vulnerability scanning processor architectures' characteristics are augmented with equipment based enhancements. Those that can help alleviate the hardship of knowledge storage and distribution. Vulnerability scanning processes, for instance, can be designed to automatically pinpoint the pertinent automatically send as well asaddthis to an user query. Besides that, having provided stages to produce offspring can indeed be done by machines through using acquisition techniques ormeta;actual behaviourcould be easily proved by standardising screen grab; and possible solutions can indeed be automatically generated. Every one of the case studies above are intended to assist inside the collection of information required by dev’s to identify vulnerabilities. B. Knowledge Based The material becoming supplied by the reporters is the immediate priorityoftheseimprovements.Technologieslike Cedilla , that provide real-time assessment on the value of the evidence provided and what can be added to maximize
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2500 value, can be implemented into vulnerability systems. Reporters may be encouraged above and beyond andcollect more data if indeed the system gives helpful recommendations. Technologies could be further modified to perform out assessmentmethods,includingsuchverifying that supplied modifications are acceptable as well as the reported stack tracing is accurate and consistent C. Technique Based Technique-centric enhancements to vulnerability management systems concentrate on coordinating adware efforts. Selecting whichever worker will fix a bug, for example, could be mechanized to accelerate the process. Additional instances involve giving users an advance approximation of that when their issue wouldberesolved or create and encourage of something like the advancement achieved on event logs (so that reportsareknowledgeableof the ways of responding to their efforts). D. User Based Reporters and programmers are both included in this. Reporters can understand what to do togetmaterial orwhat to provide. Engineers also can benefit from similar requirements on what characteristics to expect in reports and use this information to resolve bugs. 5. ADVANTAGES Some of the proposed benefits of the Vulnerability Management systems are envisioned as follows: A. Increased Security Software that has security weaknesses give hackers a way into the computer network. Finding these vulnerabilities is essential for protecting all assets and corporate data. Following that, these problems are rated for severity and given a priority. The evaluated report aids in fixing IT asset weaknesses and shielding them from cyber-attacks that might expose the network to security risks. Furthermore, IT security professionals are able to locate vulnerabilities remotely without being present physically in the computer environment. They can manage high-risk problems with the least amount of IT resources thanks to it.Figure4depictsthe increase in security of data. Fig 4. An example of increased security B. Operational Efficiency IT security professionals may remedy the most serious IT security concerns immediately and deal with the lesserones afterwards with the review of the vulnerability list. The uncertainty during the clean-up process is eliminated if the effect of the potential dangers to the business is identified. Additionally, organisations may remotely automate and manage vulnerabilities. As a consequence, it saves time and improves operational efficiency by lessening the burden of owning and maintaining hardwareandsoftwareupgrades.A thorough vulnerability management solution significantly reduces the work required by the security team. To reduce the likelihood of cyberattacks and improve the security posture, limited IT resources will be needed. C. Far Less Expensive No matter what kind of digital marketing strategy your business is involved in, overcrowding will always be an obstacle to success. Competing against a large marketing budget no longer has to play a factor in the ability to achieve success. It is a very good marketing platform related to marketing and anyone can do it! Paid ads quickly shut down small businesses that companies can afford. D. Visibility and Reporting The visibility of the security teams would suffer if the vulnerability reports are manually compiled across hundreds of assets. It is challenging to display the vulnerability data from one scan to another using conventional methodologies. Consequently, it is imperative to have a complete vulnerability management system with an operational dashboard. It provides a security flaw's severity rating, charts, solutions recommendations, and creates personalised reports, all of which assist in establishing a strong case for new security activities. An IT team may then secure their computer environment with better-informed security decisions. Additionally, they may begin the remedy process immediately following each report. It helps teams operate more efficiently, lessens team fatigue, and takes the guesswork out of things. 6. CONCLUSIONS The research introduced the Vulnerability Management System (VMS), which will identify and report a software product's vulnerabilities. We will researchthecurrentthreat detection model and evaluate its effectiveness and speed of detection. Afterwards, we'll trytocreatea model thatmodels outcomes greater rapidly, correctly, and efficiently. The improvised model also will determine the severity of an impact a weakness will have on the system, helping in prioritising vulnerabilities. Existing vulnerability management systems do not adequately extract all of the necessary information by
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2501 designers. Users believe vulnerability scanningtechnologies must be upgraded to efficiently obtain data because without it, developers can easily fix errors. The study postulates five main areas for improvement. It may be preferable to make a series of changes from some of these categories, problem tracking systems may also want to specialise, giving a wide variety of choices. In comparison to existing scenarios, where they all offer the same functionality, this would be a welcome improvement. Researchers also defined an online system of collecting data from reports and utilising that tool to determine the error's source as an example of the kind of enhancements we support. Researchers ran a preliminary analysis wherein the researchers mimicked a dynamic bug monitoring system in order to demonstratetheusefulnessof that kind of proposal. In order to obtain relevant data about the defect immediately on and recommend prospective documents that need to be fixed, the system prompts the user situationally questions. This one will definitely speed the vulnerability process. Inside, we will develop from the dynamic system's current prototypes to a complete system which can manage a range of information gathering, as is commonly seen in the real world.. REFERENCES [1] Madalina Aldea, Daniel Georgica, Victor Croitoru, “Software Vulnerabilities Integrated Management System”, 2020 13th International Conference on Communications (COMM), IEEE, 2020: pp. 97 - 102, doi: 10.1109/COMM48946.2020.9141970 [2] K. Guntupally, R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Centre Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [3] GeonLyang Kim, JinTae Oh, DongI Seo, JeongNyeo Kim, “The Design of Vulnerability Management System”, International Research Journal of Engineering and Technology (IRJET)e-ISSN:2395-0056Volume:08Issue: 11 | Nov 2021 www.irjet.net p-ISSN: 2395-0072©2021, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 28IJCSNSInternational Journal of Computer Science and Network Security, VOL.13 No.4, April 2013: pp. 19 – 24 [4] Manoj Kumar, Arun Sharma, “An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system”, Indian Academy of Sciences Sadhana Vol. 42, No. 9, September 2017, pp. 1481–1493, doi: 10.1007/s12046-017-0696-7 [5] Chee-Wooi Ten, Chen-Ching Liu, Govindarasu Manimaran, “Vulnerability Assessment of Cybersecurity for SCADA Systems”, IEEE Transactions on Power Systems, Vol. 23, no. 4, November 2008, pp. 1836-1846, doi: 10.1109/TPWRS.2008.2002298.ff [6] Y. Jin, Z. Lin and H. Lin, "The Research of Search Engine Based on Semantic Web," 2020International Symposium on Intelligent Information Technology Application Workshops, 2020, pp. 360-363, doi: 10.1109/IITA.Workshops.2020.193. [7] Armold; Hyla, Rowe, “Automatically Building an Information-Security VulnerabilityDatabase”,2006IEEE Information Assurance Workshop”, 21-23 June2006, pp. 376-377, doi: 10.1109/IAW.2006.1652119 [8] Andrey Fedorchenko, Igor Kotenko, Andrey Chechulin, “Design of Integrated Vulnerabilities Database for Computer Networks Security Analysis”, 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, 4-6 March 2015, pp. 559-566, doi: 10.1109/PDP.2015.38 [9] M. Rajaram and S. L. S. Vadivu, "Web caching in Semantic Web based multiple search engines," 2010 IEEE International Conference on Computational Intelligence and Computing Research, 2019, pp. 1-7, doi: 10.1109/ICCIC.2019.5705850. [10] Ching-Huang Lin, Chih-Hao Chen, Chi-Sung Laih, “A Study and Implementation of Vulnerability Assessment and Misconfiguration Detection”, 2008 IEEE Asia-Pacific Services Computing Conference, 9-12 Dec. 2008, pp. 1252-1257, doi: 10.1109/APSCC.2008.212 [11] Jan-Min Chen, Chia-Lun Wu, “An automated vulnerability scanner for injection attack based on injection point”, 2010 International Computer Symposium (ICS 2010), 16-18 Dec. 2010, pp. 113 – 118, doi: 10.1109/COMPSYM.2010.5685537 Computational Intelligence and Computing Research, 2020, pp. 1-7, doi: 10.1109/ICCIC.2020.5705850. [12] W. Xiaoyin, Z. Lu, X. Tao, J. Anvik and J. Sun, "An approach to detectingduplicatebugreportsusingnatural language and execution information", Proceedings of International Conference on Software Engineering,2019 [13] R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Center Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [14] Qing L, Boyu Z, Jinhua W, Qin Qian L. Research “on key technology of network security situation awareness of private cloud in enterprises”, IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA),2019 [15] Kumar R, Kumar P. “Special issue on recent trends in artificial intelligence techniques for fault-tolerance, reliability and availability in mission-critical networks. Recent Adv Comput Sci Commun”. 20205.