The document discusses various techniques for vulnerability scanning and security assessments. It describes vulnerability scanning as the process of using specialized tools to inspect systems and networks for vulnerabilities. There are different types of vulnerability scanners like network and application scanners. The document also discusses vulnerability assessment, threat hunting, and penetration testing as three common types of security assessments. It provides details on topics like CVSS scoring, CVE identifiers, and the role of SCAP in automating vulnerability monitoring.

1. Friendly Tip: Please take notes to better remember concepts
In this video we will
learn about
Vulnerability
Scanning Techniques
and Vulnerability
scores & exposures
Core Cyber Security Concepts

2. In the NIST Cybersecurity
framework, the first step is
identification of
vulnerabilities, This involves
information gathering and
reconnaissance activties.
The goal is to learn about
the number of devices,
network layout, open
services/ports in network to
determine security profile.

3. After we learn about the number of devices, network layout and
open services/ports in network to determine security profile, the
next step is to conduct a security assessment.
Vulnerability Assessment
Threat Hunting
Penetration testing
There's three types of
Security assessments carried
out:

4. -> Vulnerability Assessment - process of identifying, quantifying,
and prioritizing the vulnerabilities in a system.

5. Vulnerability Scanning
" It's the process of inspecting
systems and networks for
vulnerabilities, which can be
taken adantage of, to disrupt and
take control of IT infrastructure "
Specialized tools/softwares
known as vulnerability scanners
are used to help administrators
find and address vulnerabilities.

6. They're used to detect vulnerablities in networks. theyre's used to
determine the network secuirty of host devices like routers,
smartphones & computers.
Types of Vulnerability Scanners
-> Network Vulnerability scanners

7. -> Application Vulnerability scanners
They're used to detect vulnerablities in applications such as web
browsers and other softwares. It's intended to point out
vulnerable configurations and missing patches.

8. SCAP stands for Security Content Automation Protocol. It is a a
security-enhancement method that uses specific standards to help
organizations automate the way they monitor system vulnerabilities
and make sure they're in compliance with security policies.
Simply put, SCAP lets security administrators scan computers,
software, and other devices based on a predetermined security
baseline. It lets the organization know if it's using the right
configuration and software patches for best security practices.

9. CVE, short for Common Vulnerabilities and Exposures, is a list of
publicly disclosed computer security flaws. When someone refers to
a CVE, they mean a security flaw that's been assigned a CVE ID
number.
Security advisories issued by vendors and researchers almost
always mention at least one CVE ID. CVEs help IT professionals
coordinate their efforts to prioritize and address these
vulnerabilities to make computer systems more secure.

10. The Common Vulnerability Scoring System (CVSS) is a free and open
industry standard for assessing the severity of computer system
security vulnerabilities. CVSS attempts to assign severity scores to
vulnerabilities, allowing responders to prioritize responses and
resources according to threat. Scores are calculated based on a formula
that depends on several metrics that approximate ease and impact of
an exploit. Scores range from 0 to 10, with 10 being the most severe.
While many utilize only the CVSS Base score for determining severity,
temporal and environmental scores also exist, to factor in availability of
mitigations and how widespread vulnerable systems are within an
organization, respectively.

11. Threat hunting, also known
as cyberthreat hunting, is a
proactive approach to
identifying previously
unknown, or ongoing non-
remediated threats, within
an organization's network.
-> Threat Hunting

12. It is an authorized simulated
cyberattack on a computer
system, performed to evaluate
the security of the system.
A penetration test can help
identify a system's
vulnerabilities to attack and
estimate how vulnerable it is.
-> Penetration Testing

13. Sources :
https://en.wikipedia.org/wiki/Vulnerability_assessment
https://www.ibm.com/topics/threat-hunting
https://en.wikipedia.org/wiki/Penetration_test
https://resources.infosecinstitute.com/topic/14-popular-web-
application-vulnerability-scanners/
https://docs.greenbone.net/src/gsa/7.0/index.html
https://www.lifewire.com/what-is-scap-2487459
https://www.redhat.com/en/topics/security/what-is-cve
https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_Sys
tem