Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

vulnerability assessment

Abbreviations / Acronyms / Synonyms:

vulnerability analysis
Vulnerability Analysis

Definitions:

  Formal description and evaluation of the vulnerabilities in an information system.
Sources:
NIST SP 800-137 under Vulnerability Assessment from CNSSI 4009
NIST SP 800-18 Rev. 1 under Vulnerability Assessment from CNSSI 4009

  Systematic examination of an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
Sources:
CNSSI 4009-2015
NIST SP 800-30 Rev. 1 under Vulnerability Assessment from CNSSI 4009
NIST SP 800-37 Rev. 2 from CNSSI 4009-2015
NIST SP 800-39 under Vulnerability Assessment from CNSSI 4009
NIST SP 800-53 Rev. 5 from CNSSI 4009-2015
NIST SP 800-53A Rev. 5 from CNSSI 4009-2015
NISTIR 7622 under Vulnerability Assessment from CNSSI 4009

  See vulnerability assessment.
Sources:
CNSSI 4009-2015 under vulnerability analysis
NIST SP 800-53 Rev. 5 under vulnerability analysis
NIST SP 800-53A Rev. 5 under vulnerability analysis

  Systematic examination of a system or product or supply chain element to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.
Sources:
NIST SP 800-161r1-upd1 [11/1/2024 errata update] from NIST SP 800-53 Rev. 5 - adapted