Security Flaws And Weaknesses And Vulnerabilities

The entire security testing process is performed so that security flaws and software vulnerabilities can be reviled. There have been many system security breaches lately like Home Depot, Apple Pay competitor Current C and Home Depot that has prompted companies to look more seriously at tools and techniques that they can utilize to better identify and analyze potential threats and vulnerabilities. The main objective of security testing is determining how vulnerable the systems are and if the data and resources contained on those systems are protected against potential intruders. The chart below outlines several common tools that can be used to identify and analyze potential threats and vulnerabilities. Tools Technique or way the tool†¦show more content†¦Nessus This tool is an excellent vulnerability scanner which features asset profiling, high speed discovery of sensitive data, configuration auditing, and vulnerability analysis. This tools scanners can be spread throughout an entire enterprise, used inside DMZs, and also utilized across multiple physically separate networks. Nmap This tool is what’s known as a Network Mapper. This tool is mainly used as a network discovery scanner and as a security auditing tool. This tool can determine the availability of hosts on a particular network through the use of raw IP packets. The tool can also determine what services ( including application name and version) the hosts is offering, as well as what OS and versions they are running. This tool can also determine the type of firewalls and/or packet filters that are in use, and other important characteristics of the network environment. Zed Attack Proxy This tool is a very useful penetration testing tool that can be used to find vulnerabilities in web applications. This tool is simple to use and almost anyone with or without security experience can become functional testers even if they are new to penetration testing. Paros This tool is a HTTP/HTTPS proxy that is Java based and it is mainly used for assessing the vulnerability of web applications. This scanner is capable of intercepting all of the data in HTTP and