Web Application Security Services
Computer security aims to protect valuable assets from getting stolen or tampered with. It is important to understand the possible attacks and ways to mitigate these attacks in terms of vulnerability, threat, and control.
Vulnerability is any weakness in the system through which there is a chance of attack. It is like a loophole in the system design, implementation, or procedure that might lead to a loss or harm.For example, a system that does not authenticate its user’s identity during login is vulnerable to get attacked by intruders trying to steal data from the system.
Threats affect a computer system that leads to loss or harm. Threats come in many forms and types and are necessary to take precautions to prevent or mitigate them.
- Human-initiated threats can be benign like human error, flaws in hardware and design,and Malicious like developing viruses to affect the functioning of the system.
- Computer initiated like denial-of-service attacks, bombarding messages to a system leading to crash.
- Natural causes like flood, fire, earthquake, and power failure are unpredictable natural threats.
Control is any kind of actions, methods, or procedures that are taken to patch or mitigate the vulnerability in the system and thus protect the system from threats.All these terms can be put in a single sentence as “Controls prevent threats from exercising vulnerabilities” or “A threat is blocked by control of a vulnerability”.