Focus2Learn

Threat - Vulnerability - Exploit - Risk


Last updated 4 years ago


Threat

A threat is a hypothetical event that has the potential to cause damage to an organization’s business and other processes. Social engineering, phishing and DDoS are typical threats. A less typical example is leaving data unprotected on your phone, which is later stolen and the data used for adversarial purposes.

Most threats involve an exploit, but they mostly cause no damage unless threat actors or hackers act on them. Threat actors are people with a motive, such as cybercriminals (financially motivated hackers), hacktivists (cyber activists with a political motive), competitors and angry employees.

Vulnerability

A vulnerability is a flaw, weakness or gap in a system. One of the major causes of vulnerabilities is mistakes made during the development process. These mistakes are usually referred to as bugs, and hackers use them to compromise systems and computers. Not all bugs are tagged as vulnerabilities, but the ones that lead to the adverse outcomes of threats are tagged as CVE (Common Vulnerabilities and Exposures) and registered by. Furthermore, vulnerabilities are assigned a score under the Common Vulnerability Scoring System (CVSS), which indicates the severity of the vulnerability.

SQL injection is one of the best examples of a vulnerability. If a website has a SQL bug, hackers can inject malicious SQL code to take control of the website and steal data.

Penetration testing, or pen testing, is a method of performing tasks on a system to find out which bugs are present and how serious they are. Simply put, it is hacking with prior permission and without causing any damage.

Exploit

An exploit is the next step a hacker takes after finding a vulnerability. Simply put, it is the way hackers leverage vulnerabilities. An exploit could be a piece of software, a command, a piece of code, or even a whole kit.

Risk

Risk has almost the same meaning in cybersecurity as in its general definition. It is the probability of something bad happening combined with how bad it would be if it did happen. Simply put, it is the intersection of assets, threats, and vulnerabilities.

Risk relates to all of the terms above. For example, if there is a threat but no vulnerabilities, or vice versa, then the chance of a bad impact (the risk) is either nil or low.

Reference

MITRE