Project 1: Vulnerability Process And Assessment Memo
Project Scenario
Previously, the CEO told you about the breach at a rival company and his concerns for security at Mercury USA. In light of these developments, Mercury USA has decided to conduct vulnerability assessments. An outside firm has conducted penetration tests on Mercury’s systems and provided the reports. Now, it is up to you as the cyber threat analyst to look at those reports, apply them to the specific company setup and business needs, and recommend changes.
Mercury USA’s concerns:
· protecting customer information
· protecting proprietary business data
· protecting dangerous loads/hazardous materials during transportation
Before you came onboard, a third-party penetration tester was brought in to assess Mercury USA’s security posture and network. One of the findings from the pen test report was the realization that an important part of a VM process is a vulnerability scanner. The pen tester provided a scan report using the free tool Open Vulnerability Assessment Scanner (OpenVAS). Judy has provided you with the OpenVAS report for your initial analysis.