In this video, learn the three basic types of vulnerabilities that are found with vulnerability scanning so you can identify the differences between vulnerability types in your environment.
- [Instructor] A vulnerability in the context of computers and networks is a flaw that could lead to a compromise in the system's confidentiality, integrity, and/or availability. In general, there are three types of vulnerabilities based on where the flaws are: operating system, application, configuration. Each poses its own challenges for remediation and prioritization.
Have you heard of Microsoft Patch Tuesday? That's when Microsoft publishes all the updates for their operating systems like Windows 10 and Windows Server 2016. Each month, at least some of those updates are patches that address security flaws in the operating system, and sometimes those are very serious flaws. Operating systems are made up of hundreds of thousands of lines of code. It's inevitable that the developers who wrote the code would inadvertently introduce flaws. Those flaws could lead to a vulnerability. Most operating systems release patches on some regular schedule. And that schedule really depends on each individual vendor. OS vulnerabilities can be severe since the OS is the foundation of a computer system. It's important to patch the OS because everything else on a computer relies on it. Fortunately, patching OSs is typically something that can be automated with the OS itself or a management platform.
We use computers because they can run programs or applications. These programs let us do specific tasks like edit a document, email a coworker, or even surf the web. Applications, like operating systems, are the result of developers or teams of developers writing code to give us the capabilities we need for our computers. Most applications aren't as complicated as operating systems, but some are still quite complex. When flaws are found in applications, they can introduce vulnerabilities that might allow an attacker to do evil on your computer, or even expose your system data to others. Since most of us have at least a handful of applications installed on our computers, the exposure is significant. Unlike some operating system patches, application patches aren't always released on a consistent schedule or even publicized. That makes addressing these vulnerabilities particularly challenging in large environments. The volume of applications and their vulnerabilities combined with the complexity of patching each makes this type of vulnerability really hard to manage.
Configuration vulnerabilities are vulnerabilities that exist because a system or application isn't configured properly. If you've ever bought a piece of internet-connected technology, did it just work out of the box? Did you change the default password? How about making sure that the management interface requires encryption? Because systems, especially those meant for home use by consumers, are built so that they can work in nearly any situation out of the box, they're frequently open to attacks. Just take a look at the news reports of hacked baby cameras for a few examples of this in the real world. Configuration vulnerabilities can be even more challenging to handle than application vulnerabilities. That's because configurations are in everything: operating systems, applications, IoT devices. And then sometimes finding those configuration settings that are causing vulnerabilities can be a struggle. And that's because they're very deep within configuration menus and those aren't always intuitive. The problem becomes more complex in an enterprise environment. In some enterprises, the changes may be needed on hundreds or thousands of machines, but there's no central management console that can help automate the process.
Each type of vulnerability presents unique challenges that may need to be considered when determining risk in a particular organization.