Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

vulnerability assessment

Abbreviation(s) and Synonym(s):

vulnerability analysis
Vulnerability Analysis

Definition(s):

  See Vulnerability Assessment.
Source(s):
NIST SP 800-53 Rev. 4 under Vulnerability Analysis

  Formal description and evaluation of the vulnerabilities in an information system.
Source(s):
NIST SP 800-137 under Vulnerability Assessment (CNSSI 4009)
NIST SP 800-18 Rev. 1 under Vulnerability Assessment (CNSSI 4009)
NIST SP 800-37 Rev. 1 under Vulnerability Assessment (CNSSI 4009)

  Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
Source(s):
CNSSI 4009-2015
NIST SP 800-160 [Superseded] (CNSSI 4009)
NIST SP 800-161 under Vulnerability Assessment (NIST SP 800-53A Rev. 4, CNSSI 4009)
NIST SP 800-30 Rev. 1 under Vulnerability Assessment (CNSSI 4009)
NIST SP 800-39 under Vulnerability Assessment (CNSSI 4009)
NIST SP 800-53 Rev. 4 under Vulnerability Assessment (CNSSI 4009)
NISTIR 7622 under Vulnerability Assessment (CNSSI 4009, NIST SP 800-53A)

  Systematic examination of an information system or product to determine the adequacy of security and privacy measures, identify security and privacy deficiencies, provide data from which to predict the effectiveness of proposed security and privacy measures, and confirm the adequacy of such measures after implementation.
Source(s):
NIST SP 800-53A Rev. 4 under Vulnerability Assessment (CNSSI 4009 - Adapted)

  See vulnerability assessment.
Source(s):
CNSSI 4009-2015 under vulnerability analysis (NISTIR 7298 Rev. 2)