vulnerability


Also found in: Dictionary, Thesaurus, Medical, Legal, Acronyms, Wikipedia.

vulnerability

[‚vəl·nə·rə′bil·əd·ē]
(computer science)
A weakness in a computing system that can result in harm to the system or its operations, especially when this weakness is exploited by a hostile person or organization or when it is present in conjunction with particular events or circumstances.

Vulnerability

Vulgarity (See COARSENESS.)
Achilles
warrior vulnerable only in his heel. [Gk. Myth.: Zimmerman, 4]
Antaeus
only vulnerable if not touching ground. [Gk. and Rom. Myth.: Hall, 151]
Balder
conquerable only with mistletoe. [Norse Myth.: Walsh Classical, 43]
Diarmuid
Irish Achilles, killed through cunning Fionn’s deceit. [Irish Myth.: Jobes, 443; Parrinder, 79]
Maginot Line
French fortification zone along German border; thought impregnable before WWII. [Fr. Hist.: NCE, 1658]
Samson
strength derived from his hair; betrayed by Delilah. [O.T.: Judges 16]
Siegfried
vulnerable in only one spot on his back. [Ger. Opera: Wagner, Götterdämmerung, Westerman, 245]
Siegfried Line
German fortification zone opposite the Maginot Line between Germany and France. [Ger. Hist.: WB, 17: 370]
Superman
invulnerable except for Kryptonite. [TV: “The Adventures of Superman” in Terrace, I, 38; Comics: Horn, 642]

vulnerability

A security exposure in an operating system or other system software or application software component. Before the Internet became mainstream and exposed every organization in the world to every attacker on the planet, vulnerabilities surely existed, but were not as often exploited.

In light of this madness, mostly perpetrated against Microsoft products, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.

Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. To search for vulnerabilities and exposures in the National Vulnerability Database (NVD), visit http://web.nvd.nist.gov/view/vuln/search?cid=1. See network security scanner and vulnerability disclosure.
References in periodicals archive ?
One of the main drawbacks of traditional vulnerability assessment tools is that they cannot keep up with the constant rate of change across the network environment.
Government regulations, improved hacker exploits, and new technologies continue to drive the need for web application security vulnerability testing.
The company's network defense system unifies intrusion and vulnerability management technologies to provide customers with superior network security.
eEye's award-winning software products provide a complete vulnerability management solution that addresses the full lifecycle of security threats: before, during and after attacks.
Over the last five years, eEye has been recognized as the preeminent organization in the discovery of the most critical vulnerabilities in various platforms and applications, including the vulnerabilities subsequently leveraged by the Sasser, Witty and Code Red worms, as well as the Microsoft ASN vulnerability and scores of other important discoveries.
the leader in on demand vulnerability management and policy compliance, serves more than 2,400 enterprise subscribers around the world, including 200 of the Forbes Global 2000.
Tenable's Security Center, Passive Vulnerability Scanner and Nessus Vulnerability Scanner all currently provide support for NIST's CVSS scores, and our research team is actively engaged with NIST on scoring for new vulnerabilities.
Advisor allows administrators to fully customize the vulnerability management for their organization.
Watchfire was first to market with an enterprise vulnerability offering with its AppScan Enterprise platform over two years ago.
Watchfire has opened AppScan to highlight exactly what issue was detected in which web site response, why it was detected and how it was detected--providing immediate and unmatched transparency which enables the user to efficiently understand the root cause of each vulnerability, communicate it to developers and then initiate the remediation process.

Full browser ?