Towards a Taxonomy of Network Security Assessment Techniques

This paper attempts to bring order to the methods for algorithmicly determining vulnerability to known problems. We use vulnerability in a loose sense which includes not only software design errors and implementation flaws, but also misconfigurations and questionable user decisions (such as using a weak password). We provide an understanding of the issues and difficulties that arise in a devising and deploying a test or set of tests for a given vulnerability, and also offer up a set of terms that can be used to unambiguously describe a given test, allowing practitioners to more easily debate and discuss their merits. We limit our investigations to that set of problems which can be identified without credentials.

Click Here to download this article

Share this article

Receive all the latest articles by email!

Get all articles delivered directly to your mailbox as and when they are released on WindowSecurity.com! Choose between receiving instant updates with the Real-Time Article Update, or a monthly summary with the Monthly Article Update.



Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center

Readers' Choice

Which is your preferred Software-based Firewall?