7 Vulnerability assessment

Vulnerability scanning tools often refer to a CVSS score for each item. You should know the severity levels of this table in order to choose when to fail a build stage.

Rating

CVSS Score

None

0.0

Low

0.1 - 3.9

Medium

4.0 - 6.9

High

7.0 - 8.9

Critical

9.0 - 10.0

LogoCVSS v3.1 Specification DocumentFIRST — Forum of Incident Response and Security Teams

Tools: scanning tools, nmap, openVAS,SolarWinds, nikto, AngryIP, wireshark

Passive Assessment

tools: wirkeshark, sniffing tools

External Assessment/Internal Assessment

Previous6 Covering TracksNextDevSecOps Engineer

Last updated