A vulnerability assessment (VA) is a series of manual and automated processes and procedures used to assess and prioritize security vulnerabilities in a system (i.e. application and/or infrastructure). Conducting a VA helps to determine the security posture of the environment and the level of exposure to threats. A VA will identify vulnerabilities by evaluating if the system has the proper controls in place and will identify residual risks associated with a system.
See our Vulnerability Assessment FAQ page for answers to the following most frequently asked questions:
- What is a Vulnerability?
- What is a Vulnerability Assessment?
- When is a VA required?
- How do I Request a VA? What's the Process?
- Application Go Live - What's the Process?
- What is the Pre-VA Meeting?
- What prep is needed before the VA begins?
- How long does it take to conduct a VA?
- Who is responsible for remediating issues in the VA Report?
- What prep is needed before retest begins?
- Who approves the VA Report Response?