Vulnerability analysis is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.

Vulnerability Assessment Methodology- Enigma
Vulnerability Assessment

Conducting a Vulnerability Assessment follows these general steps

1. Define the scope
2. Agree time to test
3. Perform reconnaissance
4. Identify the security vulnerabilities or potential threats to each resource
5. Verify the findings and highlight in report
6. Define possible solutions
7. Review report with vendor
8. Implement agreed fixes
9. Retest or perform a penetration test