Vulnerability Assessment and Remediation

מק"ט: #7561 | משך קורס: 24 שעות אק'

In today’s competitive marketplace, companies cannot afford to lose time, money, or integrity due to security incidents. Businesses can suffer immeasurable losses if a data center has a production outage as a result of a worm or virus, a hacker defaces a website, or critical customer information is lost or stolen. The fear of revenue loss should motivate smart businesses to begin taking proactive measures against vulnerabilities.

The concept of Vulnerability Assessment is a critical process that should be followed in large and small organizations as a way to identify, assess and respond to new threats before they become a reality. This course will outline the key steps to Vulnerability Assessment, and provide an in-depth look at the tools, challenges and best practices of each part of the VA lifecycle.

*שדות חובה
PDF version


  • Improve your understanding of cyber threats
  • Improve your understanding of common security controls
  • Perform advanced host and network scans
  • Create and maintain hardware and software inventory
  • Improve your understanding of the Vulnerability Assessment process
  • Perform advanced vulnerability scans and act on results

קהל היעד

  • IT professionals; network and server administrators
  • Security teams, Junior penetration testers

תנאי קדם

  • Familiarity with TCP/IP, Windows (or Linux) environment
  • Basic knowledge of web technologies (HTTP, HTML, javascript) and common services (SSH, Mail, SMB etc.)


#1: Cyber Threats

  • Denial of service
  • Bypassing and brute-forcing authentication
  • Known software exploits
  • Malware infection
  • Spam, spyware, hijacking, trojans, rootkits…


#2: Critical Security Control

  • The basics: Inventory, Secure Configurations and Vulnerability Assessment
  • Segmentation and Separations: from VLANS to boundary defences and application firewalls
  • Controlling Access: Authentication, Privileges, Administrative rights
  • Malware Defences: Anti-everything, IDS/IPS, Blacklisting/Whitelisting
  • Monitoring and Analysis: Log management, Network security monitoring, Account auditing
  • Reactive-Proactive: Data recovery, Incident response and Penetration testing


#3: Scanning hosts, networks and services

  • Host scanning techniques
  • Network scanning techniques
  • OS fingerprinting, banner grabbing
  • Advanced scanning techniques
  • scanning applications with NSE (nmap scripting engine)


#4: Inventory management

  • Saving scans into database
  • Comparing scans and generating reports
  • Performing a credentialed scan (Windows and Unix/Linux/BSD)
  • Importing, adding and correlating scan results
  • Passive asset detection?!


#5: Vulnerability Assessment

  • The state of vulnerability; numbers, trends, top-software etc.
  • Vulnerability scanning process and methodology
  • Vulnerability scanner types and technologies
  • Vulnerability scanner deployments and top vendors
  • Vulnerability scanning vs Penetration testing


#6: Vulnerability Scanning workshop

  • Performing a basic scan
  • Scan profiles and settings
  • Advanced scanning settings
  • Generating reports
  • Patch management process
  • Dedicated application scanners