| Name | Definition |
|---|---|
| Risk Assessment | Discipline aimed at identifying, assessing and prioritizing the risks associated with an organization's activities |
| Vulnerability Management | Proactive strategy of identifying, prioritizing and correcting a company's security weaknesses and vulnerabilities |
| Vulnerability Assessment | The process of identifying, quantifying and prioritizing a system's vulnerabilities |
| Penetration test | A security exercise in which a cybersecurity expert attempts to find and exploit vulnerabilities in a computer system |
-
Common Vulnerabilities and Exposure (CVE) : is a catalog of vulnerabilities maintained by MITRE.
-
Common Weakness Enumeration : is a community-developed list (created by MITRE) of common software and hardware weaknesses.
-
Common Vulnerability Scoring System (CVSS) : is a method used to supply a qualitative measure of severity. CVSS is not a measure of risk.
-
Zero Day vulnerability : vulnerability that has not been published or has no known patch.