Vulnerability assessment is a process of defining, identifying and classifying the security holes in information technology systems. An attacker can exploit a vulnerability to violate the security of a system. Some known vulnerabilities are Authentication Vulnerability, Authorization Vulnerability and Input Validation Vulnerability. 
Before deploying a system, it is necessary to ensure that the system is secure. When a new vulnerability is discovered, the system administrator can reconstruct the vulnerability and begin the patch process. After the fixes are in place, another assessment can be made to verify that the vulnerabilities were actually resolved. This cycle of assessment, patch, and re-assessment has become the standard method for many organizations to manage their security issues.
The primary purpose of the assessment is to find the vulnerabilities in the system. If an intruder gained access to a network of vulnerable web servers, it is safe to assume that he gained access to those systems as well. Because of this, the security administrator will be able to determine how the intrusion occurred, identify compromised assets and take appropriate security measures to prevent critical damage to the system.
Depending on the system, a vulnerability assessment can be of many types and levels.
A host assessment looks for system-level vulnerabilities such as insecure file permissions, application-level bugs, backdoors and Trojan horses. It requires specialized tools for the operating system and software packages being used, in addition to administrative access to each system that should be tested. Host assessment is often very costly in terms of time and is used for some critical systems. Tools like COPS and Tiger are popular in host assessment.
A network assessment checks the network for known vulnerabilities. It locates all systems on a network, and then analyzes their services for potential vulnerabilities. This process does not require any configuration changes on the systems being assessed. Unlike host assessment, network assessment does not require much cost and effort.
Some common and decent vulnerability scanners are Nessus, OpenVAS and SAINT.
Vulnerability assessment vs penetration testing
Vulnerability assessment and penetration testing are two different testing methods. We can differentiate them on the basis of different parameters.
| | Vulnerability Scan | Penetration Test |
|---|---|---|
| How often to run | Continuously, especially after new equipment is loaded | Once a year |
| Reports | Comprehensive baseline of what vulnerabilities exist from the last report | Short and to the point, identifies what was actually compromised |
| Metrics | Lists known software vulnerabilities that may be exploited | Discovers unknown and exploitable exposures to normal business processes |
| Performed by | In-house staff, expertise and knowledge of normal security profile | Independent outside service |
| Expense | Low to moderate: about $1200/yr + staff time | High: about $10,000 per year outside consultancy |
| Value | Detective control, used to detect when equipment is compromised | Preventative control to reduce exposures |