How to identify vulnerabilities

Last updated: 2024-05-18
Was this article helpful?
7 of total 7 found this helpful.

Vulnerabilities these are weaknesses that you know about and may be subject of an attack or threat. They are attached to assets: each asset has its vulnerabilities, i.e., weaknesses, in how it can be attacked or damaged.

Basic principles in vulnerability identification

  • focus on assets, every asset has its vulnerabilities
  • focus on the processes of assigning, changing and removing rights from employees
  • vulnerability assessment should be performed by the owner of the asset, who knows its vulnerabilities best
  • analyze incidents and problems with the asset from the past, their causes are often due to vulnerabilities

Basic procedure for identifying vulnerabilities

  1. Carefully analyze each asset and identify and assign potential vulnerabilities to it
  2. Identify vulnerabilities to each asset
  3. List these and create a link to the relevant asset
  4. Keep all information in the relevant catalog of vulnerabilities