A Study and Implementation of Vulnerability Assessment and Misconfiguration Detection

According to a study from Gartner Group, mostly successful attacks exploit software applications and operating systems that were not properly configured or vulnerability patched. Regarding enterprises, there are far reaching consequences if their online services are attacked and compromised. As a result, making their systems safer is becoming a higher priority. In this paper, we proposed a system to resolve the vulnerability and misconfiguration issues. In the vulnerability part, we focus on the aspect of vulnerability assessment. We use CVSS (common vulnerability scoring system) to measure the vulnerability severity to the organization and help administrators with patch management. For the configuration portion, we use CCE (common configuration enumeration) configuration scanner to scan the system and determine the presence of the misconfiguration in the system. The experiments show that our system can help administrators to understand their own systems and enhance system security.