Vulnerability Assessment is a service that identifies risks of vulnerabilities discovered in the operating systems, software, or network/security equipment, as well as their severity levels so that they are addressed by the administrators.
A multitude of vulnerabilities have been uncovered recently, including ones announced every month by Microsoft, or the vulnerabilities in popular software like Java or Adobe. The discovery of new vulnerabilities requires administrators install patches almost everyday.
If an organization does not conduct regular IT health checks, the unexpected may happen. Malicious users may exploit the vulnerability and cause the computer or network systems to malfunction, become inoperable, data may be tampered with or stolen, which in turn may cost the business expenses or invaluable reputation.
The VA service helps identify vulnerabilities, assess the relevant risks and their severity so that administrators may address them before they are exploited by hackers. Vigilant organizations should conduct the vulnerability assessment regularly or at least once every year.
The assessment should start from the systems most critical to the business, or most accessible from the Internet. These are the systems most at risk of being attacked by hackers everywhere. They are easier targets, most exposed, or most susceptible for the business.