If you don't know where your vulnerabilities are, you can't close the gaps!
A vulnerability analysis is the starting point for IT security measures. Based on this, the risk and probability of each gap are analyzed and appropriate measures will be implemented.
What are we going to do?
Vulnerabilities in IT systems are exploited by so-called "hackers". These people use known tools and generally proceed in three stages:
- Spying - How the hacker reaches the systems
- Analyze - What gaps can be used?
- Attack - steal data, change data, destroy data, use the system for own purposes
A vulnerability analysis uses the same tools hackers use, but is limited to analysis and only uses non-destructive techniques.
Vulnerability analysis is sometimes referred to as "white hacking" or "ethical hacking".