This chapter will address vulnerabilities and why they are important. It also discusses a concept known as Windows of Vulnerability, and shows how to determine the risk a given vulnerability poses to your environment.
What Are Vulnerabilities?
So, what are vulnerabilities? In the past, many people considered a vulnerability to be a software or hardware bug that a malicious individual could exploit. Over the years, however, the defi nition of vulnerability has evolved into a software or hardware bug or misconfi guration that a malicious individual can exploit. Patch management, confi guration management, and security management all evolved from single disciplines, often competing with each other, into one IT problem known today as vulnerability management.