vulnerability


Also found in: Dictionary, Thesaurus, Medical, Legal, Acronyms, Wikipedia.

vulnerability

[‚vəl·nə·rə′bil·əd·ē]
(computer science)
A weakness in a computing system that can result in harm to the system or its operations, especially when this weakness is exploited by a hostile person or organization or when it is present in conjunction with particular events or circumstances.

Vulnerability

Vulgarity (See COARSENESS.)
Achilles
warrior vulnerable only in his heel. [Gk. Myth.: Zimmerman, 4]
Antaeus
only vulnerable if not touching ground. [Gk. and Rom. Myth.: Hall, 151]
Balder
conquerable only with mistletoe. [Norse Myth.: Walsh Classical, 43]
Diarmuid
Irish Achilles, killed through cunning Fionn’s deceit. [Irish Myth.: Jobes, 443; Parrinder, 79]
Maginot Line
French fortification zone along German border; thought impregnable before WWII. [Fr. Hist.: NCE, 1658]
Samson
strength derived from his hair; betrayed by Delilah. [O.T.: Judges 16]
Siegfried
vulnerable in only one spot on his back. [Ger. Opera: Wagner, Götterdämmerung, Westerman, 245]
Siegfried Line
German fortification zone opposite the Maginot Line between Germany and France. [Ger. Hist.: WB, 17: 370]
Superman
invulnerable except for Kryptonite. [TV: “The Adventures of Superman” in Terrace, I, 38; Comics: Horn, 642]

vulnerability

A security exposure in an operating system or other system software or application software component. Before the Internet became mainstream and exposed every organization in the world to every attacker on the planet, vulnerabilities surely existed, but were not as often exploited.

In light of this madness, mostly perpetrated against Microsoft products, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.

Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. To search for vulnerabilities and exposures in the National Vulnerability Database (NVD), visit http://web.nvd.nist.gov/view/vuln/search?cid=1. See network security scanner and vulnerability disclosure.
References in periodicals archive ?
The company's network defense system unifies intrusion and vulnerability management technologies to provide customers with superior network security.
eEye's award-winning software products provide a complete vulnerability management solution that addresses the full lifecycle of security threats: before, during and after attacks.
Greater Access Permissions - Allows companies to centrally set and distribute desktop scan permissions and role-based vulnerability report access permissions for greater control of this sensitive information.
Beyond Security's proprietary scanning system, which reveals vulnerabilities through simulated hacking, and can be updated with new vulnerability data daily;
The award-winning NeXpose enterprise vulnerability management solution scans Web server applications, Databases, Operating Systems, and Network Devices to locate threats, assess their risk to the environment, devise a remediation plan and implement the ticketing process.
These audits are usually performed via the Internet, from partner networks, and remote offices using hacking techniques or commercially available vulnerability assessment tools.
Through a partnership with SecurityFocus, the new VPA offering combines vulnerability information feeds from SecurityFocus' Vulnerability Database, the world's largest, most comprehensive and technically complete database, with data gleaned from NETSEC's 24/7 monitoring facility, attack and penetration labs, and vulnerability assessments, providing corporations with the most complete security advisory service available today.
Through initiatives like DVLabs, TippingPoint is able to provide timely discovery, comprehensive development, and rapid delivery of vulnerability remediation to its enterprise customers.
The most popular exploit used on the Internet to infect Web browsers with malware was for Microsoft's MS-ITS vulnerability (MS04-013), disclosed in 2004.
Database vulnerability scanners help IT organizations simultaneously meet security and compliance requirements," said Andrew Jaquith, Senior Analyst at Yankee Group.
Highlights Research Work By Determina's World-Class Vulnerability Research Team
Watchfire's AppScan[R] Web Application Security Testing Solutions Tops Application Vulnerability Assessment Software Category with the Highest Growth Rate of All Other Vendors in the Category

Full browser ?