Study Guide: Unit 5 - Vulnerability Analysis & Remediation

To analyze source code for security vulnerabilities

To conduct controlled, simulated attacks on systems

To identify known vulnerabilities in systems or networks

To gather information from publicly available sources

Assessing the application's behavior during runtime

Monitoring software packages and dependencies for security vulnerabilities

Analyzing the source code or binary code of an application without executing it

Leveraging intelligence from private or third-party sources

By conducting penetration testing

By participating in information-sharing organizations

By analyzing data from social media

By monitoring activities on the dark web

To analyze source code for security vulnerabilities

To identify known vulnerabilities in systems or networks

To conduct controlled, simulated attacks on systems

To assess the behavior of applications during runtime

To monitor activities on the dark web

To establish a process for reporting discovered vulnerabilities responsibly

To offer incentives for external individuals who discover vulnerabilities

To assess the effectiveness of an organization's systems and controls

Static analysis

Penetration testing

Open-Source Intelligence (OSINT)

Dark Web monitoring

Assessing the application's behavior during runtime

Analyzing the source code of an application without executing it

Monitoring software packages and dependencies

Conducting controlled, simulated attacks on systems