Posts: 21

Joined: Thu Apr 01, 2010 1:39 pm

Post Sat Sep 11, 2010 4:33 pm


During remediation of results obtained from a VA scanner, what levels do you consider for remediation? Is the general practice to remediate from level 5-3 (as they can be related to CIA)? Or what is the common practice followed in the industry?


Sr. Member

Posts: 379

Joined: Tue Dec 30, 2008 1:53 pm

Post Sun Sep 12, 2010 1:24 pm

Re: remediation

Your remediation plan should always be based on risk vs. reward in your environment. This is a function of Risk Management. The level of the vulnerability does not define the level of risk. For a vulnerability to become risk, you must also have a threat present. Therefore, a level 5 vulnerability with no threat can be categorized as a low risk vulnerability, but a level 3 vulnerability with a high threat should be categorized as a high risk vulnerability.

Basically, though, all vulnerabilities found should be dealt with eventually. You first work through the ones with the highest risk associated with them. You should then work into the medium risk ones. Lastly, you should deal with the low risk ones.

With that in mind, it is not always necessary that you remove the vulnerability completely. You may decide that the risk posed is acceptable. It's a risk and reward balancing act... with compensating controls or removal as viable options.

Hope that helps...

eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
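To make the prioritisation in the answer above concrete, here is a small added example (my own illustration, not code from the thread or from any scanner vendor). It scores each scanner finding as vulnerability level times an assessed threat likelihood, bins the score into the high / medium / low tiers the answer describes, and orders findings for remediation by that risk rather than by scanner level alone; formally accepted risks are kept visible in their own bucket. The threat scale, the multiplication, the tier thresholds and the sample findings are all assumptions constructed for illustration, not an industry standard.

```python
"""Risk-based ordering of VA scanner findings.

Added example, not from the original thread: the scanner's severity level
(1..5) is combined with an assessed threat likelihood for the environment to
give a risk score and tier, and findings are ordered for remediation by that
risk. The threat scale, the multiplication and the tier thresholds are
assumptions made for illustration, not an industry standard.
"""
from dataclasses import dataclass
from typing import Dict, List

# Assumed threat-likelihood scale, as the output of a threat assessment of
# the environment (is there an exposed path and a plausible actor for it?).
THREAT_NONE, THREAT_LOW, THREAT_MEDIUM, THREAT_HIGH = 0, 1, 2, 3

# Assumed tier thresholds on the 0..15 score (level 1..5 times threat 0..3).
HIGH_THRESHOLD = 9
MEDIUM_THRESHOLD = 4


@dataclass(frozen=True)
class Finding:
    host: str
    name: str
    level: int              # scanner severity level, 1 (info) .. 5 (critical)
    threat: int             # assessed threat likelihood, THREAT_NONE .. THREAT_HIGH
    accepted: bool = False  # True once the risk owner has formally accepted the risk


def risk_score(f: Finding) -> int:
    """Risk = vulnerability level x threat likelihood; no threat means no risk."""
    if not 1 <= f.level <= 5:
        raise ValueError(f"scanner level out of range: {f.level}")
    if not THREAT_NONE <= f.threat <= THREAT_HIGH:
        raise ValueError(f"threat likelihood out of range: {f.threat}")
    return f.level * f.threat


def risk_tier(score: int) -> str:
    """Map a score to the high / medium / low tiers used for remediation order."""
    if score >= HIGH_THRESHOLD:
        return "high"
    if score >= MEDIUM_THRESHOLD:
        return "medium"
    return "low"


def remediation_order(findings: List[Finding]) -> List[Finding]:
    """Unaccepted findings first, by risk then by level; accepted risks go last."""
    return sorted(
        findings,
        key=lambda f: (f.accepted, -risk_score(f), -f.level, f.host, f.name),
    )


def remediation_plan(findings: List[Finding]) -> Dict[str, List[str]]:
    """Group findings into tiers; accepted risks are listed separately so they
    stay visible for periodic review instead of silently disappearing."""
    plan: Dict[str, List[str]] = {"high": [], "medium": [], "low": [], "accepted": []}
    for f in remediation_order(findings):
        bucket = "accepted" if f.accepted else risk_tier(risk_score(f))
        plan[bucket].append(f"{f.host}: {f.name} (level {f.level}, threat {f.threat})")
    return plan


# Constructed sample scan results, not real scanner output.
SAMPLE_FINDINGS = [
    Finding("db01", "legacy service on isolated management VLAN", level=5, threat=THREAT_NONE),
    Finding("web01", "outdated web framework, internet facing", level=3, threat=THREAT_HIGH),
    Finding("web01", "directory listing enabled", level=2, threat=THREAT_MEDIUM),
    Finding("file02", "SMB signing not required", level=4, threat=THREAT_MEDIUM),
    Finding("kiosk03", "weak cipher on internal-only app", level=4, threat=THREAT_LOW, accepted=True),
]

if __name__ == "__main__":
    for tier, items in remediation_plan(SAMPLE_FINDINGS).items():
        print(f"{tier}:")
        for item in items:
            print(f"  {item}")
```

Running it shows the two cases from the answer: the level-5 finding with no threat lands in the low tier, while the level-3 internet-facing finding with a high threat is the first item to fix. Swap in your own threat assessment and thresholds; the point is that the ordering comes from risk, not from the scanner's level column.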
