SlideShare a Scribd company logo

A Study on Vulnerability Management

IRJET Journal
IRJET Journal

1) The document discusses a proposed Vulnerability Management System (VMS) to identify and manage software vulnerabilities. 2) It provides an overview of vulnerability management and discusses related work that has been done in vulnerability databases and tracking systems. 3) The proposed VMS would use morphological inspection and static analysis to assess vulnerabilities, store information in a database, and rank vulnerabilities based on severity. It would consist of a vulnerability scanner, process control platform, and data storage.

1 of 5
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2497 A Study on Vulnerability Management Piyush Somani1, Poornima Kulkarni2 1Student, Department of Information Science and Engineering, RV College of Engineering, Bangalore, India 2 Assistant Professor, Department of Information Science Engineering, RV College of Engineering, Bangalore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Vulnerability Management is a pervasive problem in the development of any codebase. In the basic terms conceivable, a cyber vulnerability is any inaccuracy, shortcoming, or defect in an information system, internal control systems, or system processes of an organisation. It might be referred to as an imperfection or deficiency in the architecture of the code base which produces application malfunctions. Accordingly, it is important to implement a robust vulnerability management measure to avoid widespread assaults or even to mitigatethedamageinflicted by a cyberattack. In this work, a VulnerabilitiesManagement System (VMS) solution is proposed. Key Words: Software vulnerabilities, vulnerability management, vulnerability database, and vulnerability management system 1. INTRODUCTION Presently, firmware which governs an electronic device's operation are incorporated through every electrical appliance. Those application programs, developed by various engineers with such a smaller percentage of code, might well be enormously complicated and yet are later shown in a comprehensive technology program or project. Almost majority of cases, application software errors are caused from lingering problems or vulnerabilities insidethe code that can generate unforeseen consequences. The computer program is vulnerable to the impact of this flaw inside the programming language. Software vulnerabilities therefore are discovered in application softwareorsoftware platforms that also have unresolved issues, flaws, or vulnerabilities. Eventually, such program vulnerability provides a good example of the a point of entry into a software platform, which can cause significant harm to the system, that both computer hosting the software as well as the device associated towards the infected system Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. that both the computer hosting the software as well as the device associated with the infected system. Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. A hacker continually aims to break into the a system and acquire credentials that would give them access to sensitive data or resources. A cyberattack potentially lead to significant financial destruction, damage to someone's character, including loss of irreplaceable information. If this programming structure is subjected to penetration testers, then susceptibility areas must be detected. Figure 1 depicts a brief overview of vulnerability management has to be implemented. Fig 1. A Brief Overview of Vulnerability Management 1.1 Sub Heading 1 2. RELATED WORK This section focuses on research which has already been conducted. The existing work will serve as a foundation for something like the construction of a new vulnerable management system featuring advanced benefits. The author in [1] providesa novel vulnerabilitymanagement solution, known as the Software Vulnerability Integrated Management System (SV-IMS), has indeed been introduced by that of the authors in this study. That program can operate security screening to identify program weaknesses, as well as the outcomes of these kinds of tests could be seen on a different platform. Furthermore, it specifies the Popularly Known Scoring Scheme , a worldwide ratings system that evaluates the gravity of bugs.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2498 The author in [2] describesSpringBootwhichisa java-based framework for building web and enterpriseapplicationsand how it provides the flexibility for service-oriented architecture (SOA). As a result, this paper suggests that the SOA based REST API using Spring Boot Framework has definite advantages over other spring-based frameworks. The author in [3] highlights the necessity of accurate and comprehensive information being provided in bug reports intended to assist inside the quicker response of errors. Nevertheless, following multiple cyclesofinteractionamong correspondents and programmers, relevant information frequently trickles to developers. Inefficient debugging methods are partially to blame for the prolonged information sharing. By recommending four main routesfor improvements, it tackles the issues with bug tracking systems. It also exhibits a proof-of-concept interactive bug tracking system that asks users for pertinent information and identifies files that need to be updated in order to remedy the fault. In [4] this research study, the author discusses Common Vulnerability Exposure (CVE) and Common Security Vulnerabilities Languages, two global, community-based efforts involving business, the public sector, and research. Although OVAL seeks to provide enough methods for comprehensive vulnerability analysis as well as result in standardized reporting information security standards for networks, CVE determines the best method for generating vulnerability notifications increasingly appropriate to different organisations. The authors in [5] describe thetoolsforprojectmanagement and issues/bugs tracking that are becoming useful for governing the development process of Open Source software. Such tools simplify the communications process among developers and ensurethescalabilityofa project.The more information developers are able to exchange, the clearer are the goals, and the higher is the number of developers keen on joining and actively collaborating on a project. The author [6] established a method that made use of a learning algorithm and depth of knowledge. Through using this, the cyber risk management identifies, assesses, and negates the problem automatically. Challenges, security risks, reputational harm, and Economic loss all are minimized by the proposed approach. The author in [7] provides information in order to identify the vulnerabilities for injection attacks, the author of this research has created an automated vulnerability scanner. The webpage is continuously analysed by this system for Cross - site request and Sql injectionattacks.TheNationwide Vulnerable Database, or Dynamic model, is also another component of the proposed system. The author in [8] provides data by building a vulnerability database, the author of this research study has developed a new technique for creating and managing vulnerabilities. A new National Vulnerability Dataset (NDV) platform may be used by different companies in this proposed study.A recently found bug could also be registered inside theNeeds to request database while still being referred to. In [9] the SCADA system's vulnerability is evaluated to use a paradigm that this researcher has developed in risk assessments. Three levels are engaged in this: Technology, Circumstances, and gateways. The systems with such a gateway and credential patterns serves as a foundation for this architecture. Overall impact of the operation is also analysed using the proposed framework, and countermeasures for strengthening computer security are developed. The author in [10] implies implementing a risk database management system. The use of security devices could be extended upon and using this online system. The architecture of the weaknesses information and indeed the technique for generating the problems information are presented in this research. 3. METHODOLOGY The objective of the vulnerabilities control system is to identify and evaluate any application software problems. The morphological inspection and static analysisareusedto conduct this assessment. Every weakness discoveredwill be reviewed, maintained in the VMS database, and tested if any software application is tested utilising the planned VMS technology. If indeed the identified exposure is a product, it can be registered in the VMS repository after already being evaluated either by various agencies. Comparable to the Appeared As early Points System, the Risk Monitoring System would not only discover the weaknessbutitwill also assess or rank its intensity. Fig 2. A Brief Overview of Scanning of Vulnerability Management System
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2499 A bug scanner, a process control platform,anda data storage comprise three main parts of the vulnerability management system. A bug scanner will have an unique interfaceitisonly for and has a variety of functional characteristics. Any member of a product's security teamcanusethisinterface to advise the scanner here about how to continue withthenext step. The computational system will analyse the computer user's code and binaries. Automatically selected procedures would be used to conduct this evaluation. Any weaknesses identified during the technology manufacturer's testing phase would be recorded in the database. Figure 2 depicts the use of the scanner. All previously unknown weaknesses would be recorded in the repository. Data processing is categorized into 4 main phases, comprisingfindingvulnerabilities,evaluatingvulnerabilities, resolving vulnerabilities, and disclosing vulnerabilities, throughout order to increase the effectiveness of scanning. Figure 3 depicts the four phases of the data processing. Fig 3. The four phases of the data processing. A. Finding Vulnerabilities The detection of risk is the most pivotal point in a Vulnerability Management system. The flaws in the evaluated software package would be disclosedasa resultof this process. Any open ports and functions that really are existent in the software programme would be scanned and recognized during this process. That information would be utilized to just provide summaries, statistics,aswell asother attributes. B. Evaluating Vulnerabilities The computer algorithm will have to evaluate all the risks once they've been identified and properly handled. Furthermore, overall intensity of the identified weakness will be evaluated in this phase, as well as the high transformation would beratedorassessed.Theorganization needs to determine how and where to highlight the identified issues that use these exposure ratings. C. Resolving Vulnerabilities It's essential to address risks after grading issues and prioritising many who were identified. The computer programmer of a tested application would be available seeing the weaknesses identified during this procedure. After that, the programmer has three alternatives regarding addressing the issue: rectification, abatement,andadoption. D. Disclosing Vulnerability The speed and agility of detecting and preventing computer products will increase with using risk managementsystems. Throughout this operation, a statement knownasa software agency's scan test will indeed be created. A visual representation using several variables, including such risk scoring, etc., would be accessiblewiththeVMSsystem.Every user also may raise a ticket at this point to accelerate the sharing of the comprehensive study or data 4.IMPROVING VMS SYSTEM The complete details in the first vulnerability report, or as soon as possible, aid programmersinresolvingtheissue fast. This work aims at enhancing vulnerability scanningsystems with the intent of creating vulnerability reports increasingly comprehensive. Researchers are particularly consisting of four ways to enhance vulnerability scanning systems. A. Equipment Based Vulnerability scanning processor architectures' characteristics are augmented with equipment based enhancements. Those that can help alleviate the hardship of knowledge storage and distribution. Vulnerability scanning processes, for instance, can be designed to automatically pinpoint the pertinent automatically send as well asaddthis to an user query. Besides that, having provided stages to produce offspring can indeed be done by machines through using acquisition techniques ormeta;actual behaviourcould be easily proved by standardising screen grab; and possible solutions can indeed be automatically generated. Every one of the case studies above are intended to assist inside the collection of information required by dev’s to identify vulnerabilities. B. Knowledge Based The material becoming supplied by the reporters is the immediate priorityoftheseimprovements.Technologieslike Cedilla , that provide real-time assessment on the value of the evidence provided and what can be added to maximize
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2500 value, can be implemented into vulnerability systems. Reporters may be encouraged above and beyond andcollect more data if indeed the system gives helpful recommendations. Technologies could be further modified to perform out assessmentmethods,includingsuchverifying that supplied modifications are acceptable as well as the reported stack tracing is accurate and consistent C. Technique Based Technique-centric enhancements to vulnerability management systems concentrate on coordinating adware efforts. Selecting whichever worker will fix a bug, for example, could be mechanized to accelerate the process. Additional instances involve giving users an advance approximation of that when their issue wouldberesolved or create and encourage of something like the advancement achieved on event logs (so that reportsareknowledgeableof the ways of responding to their efforts). D. User Based Reporters and programmers are both included in this. Reporters can understand what to do togetmaterial orwhat to provide. Engineers also can benefit from similar requirements on what characteristics to expect in reports and use this information to resolve bugs. 5. ADVANTAGES Some of the proposed benefits of the Vulnerability Management systems are envisioned as follows: A. Increased Security Software that has security weaknesses give hackers a way into the computer network. Finding these vulnerabilities is essential for protecting all assets and corporate data. Following that, these problems are rated for severity and given a priority. The evaluated report aids in fixing IT asset weaknesses and shielding them from cyber-attacks that might expose the network to security risks. Furthermore, IT security professionals are able to locate vulnerabilities remotely without being present physically in the computer environment. They can manage high-risk problems with the least amount of IT resources thanks to it.Figure4depictsthe increase in security of data. Fig 4. An example of increased security B. Operational Efficiency IT security professionals may remedy the most serious IT security concerns immediately and deal with the lesserones afterwards with the review of the vulnerability list. The uncertainty during the clean-up process is eliminated if the effect of the potential dangers to the business is identified. Additionally, organisations may remotely automate and manage vulnerabilities. As a consequence, it saves time and improves operational efficiency by lessening the burden of owning and maintaining hardwareandsoftwareupgrades.A thorough vulnerability management solution significantly reduces the work required by the security team. To reduce the likelihood of cyberattacks and improve the security posture, limited IT resources will be needed. C. Far Less Expensive No matter what kind of digital marketing strategy your business is involved in, overcrowding will always be an obstacle to success. Competing against a large marketing budget no longer has to play a factor in the ability to achieve success. It is a very good marketing platform related to marketing and anyone can do it! Paid ads quickly shut down small businesses that companies can afford. D. Visibility and Reporting The visibility of the security teams would suffer if the vulnerability reports are manually compiled across hundreds of assets. It is challenging to display the vulnerability data from one scan to another using conventional methodologies. Consequently, it is imperative to have a complete vulnerability management system with an operational dashboard. It provides a security flaw's severity rating, charts, solutions recommendations, and creates personalised reports, all of which assist in establishing a strong case for new security activities. An IT team may then secure their computer environment with better-informed security decisions. Additionally, they may begin the remedy process immediately following each report. It helps teams operate more efficiently, lessens team fatigue, and takes the guesswork out of things. 6. CONCLUSIONS The research introduced the Vulnerability Management System (VMS), which will identify and report a software product's vulnerabilities. We will researchthecurrentthreat detection model and evaluate its effectiveness and speed of detection. Afterwards, we'll trytocreatea model thatmodels outcomes greater rapidly, correctly, and efficiently. The improvised model also will determine the severity of an impact a weakness will have on the system, helping in prioritising vulnerabilities. Existing vulnerability management systems do not adequately extract all of the necessary information by
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2501 designers. Users believe vulnerability scanningtechnologies must be upgraded to efficiently obtain data because without it, developers can easily fix errors. The study postulates five main areas for improvement. It may be preferable to make a series of changes from some of these categories, problem tracking systems may also want to specialise, giving a wide variety of choices. In comparison to existing scenarios, where they all offer the same functionality, this would be a welcome improvement. Researchers also defined an online system of collecting data from reports and utilising that tool to determine the error's source as an example of the kind of enhancements we support. Researchers ran a preliminary analysis wherein the researchers mimicked a dynamic bug monitoring system in order to demonstratetheusefulnessof that kind of proposal. In order to obtain relevant data about the defect immediately on and recommend prospective documents that need to be fixed, the system prompts the user situationally questions. This one will definitely speed the vulnerability process. Inside, we will develop from the dynamic system's current prototypes to a complete system which can manage a range of information gathering, as is commonly seen in the real world.. REFERENCES [1] Madalina Aldea, Daniel Georgica, Victor Croitoru, “Software Vulnerabilities Integrated Management System”, 2020 13th International Conference on Communications (COMM), IEEE, 2020: pp. 97 - 102, doi: 10.1109/COMM48946.2020.9141970 [2] K. Guntupally, R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Centre Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [3] GeonLyang Kim, JinTae Oh, DongI Seo, JeongNyeo Kim, “The Design of Vulnerability Management System”, International Research Journal of Engineering and Technology (IRJET)e-ISSN:2395-0056Volume:08Issue: 11 | Nov 2021 www.irjet.net p-ISSN: 2395-0072©2021, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 28IJCSNSInternational Journal of Computer Science and Network Security, VOL.13 No.4, April 2013: pp. 19 – 24 [4] Manoj Kumar, Arun Sharma, “An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system”, Indian Academy of Sciences Sadhana Vol. 42, No. 9, September 2017, pp. 1481–1493, doi: 10.1007/s12046-017-0696-7 [5] Chee-Wooi Ten, Chen-Ching Liu, Govindarasu Manimaran, “Vulnerability Assessment of Cybersecurity for SCADA Systems”, IEEE Transactions on Power Systems, Vol. 23, no. 4, November 2008, pp. 1836-1846, doi: 10.1109/TPWRS.2008.2002298.ff [6] Y. Jin, Z. Lin and H. Lin, "The Research of Search Engine Based on Semantic Web," 2020International Symposium on Intelligent Information Technology Application Workshops, 2020, pp. 360-363, doi: 10.1109/IITA.Workshops.2020.193. [7] Armold; Hyla, Rowe, “Automatically Building an Information-Security VulnerabilityDatabase”,2006IEEE Information Assurance Workshop”, 21-23 June2006, pp. 376-377, doi: 10.1109/IAW.2006.1652119 [8] Andrey Fedorchenko, Igor Kotenko, Andrey Chechulin, “Design of Integrated Vulnerabilities Database for Computer Networks Security Analysis”, 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, 4-6 March 2015, pp. 559-566, doi: 10.1109/PDP.2015.38 [9] M. Rajaram and S. L. S. Vadivu, "Web caching in Semantic Web based multiple search engines," 2010 IEEE International Conference on Computational Intelligence and Computing Research, 2019, pp. 1-7, doi: 10.1109/ICCIC.2019.5705850. [10] Ching-Huang Lin, Chih-Hao Chen, Chi-Sung Laih, “A Study and Implementation of Vulnerability Assessment and Misconfiguration Detection”, 2008 IEEE Asia-Pacific Services Computing Conference, 9-12 Dec. 2008, pp. 1252-1257, doi: 10.1109/APSCC.2008.212 [11] Jan-Min Chen, Chia-Lun Wu, “An automated vulnerability scanner for injection attack based on injection point”, 2010 International Computer Symposium (ICS 2010), 16-18 Dec. 2010, pp. 113 – 118, doi: 10.1109/COMPSYM.2010.5685537 Computational Intelligence and Computing Research, 2020, pp. 1-7, doi: 10.1109/ICCIC.2020.5705850. [12] W. Xiaoyin, Z. Lu, X. Tao, J. Anvik and J. Sun, "An approach to detectingduplicatebugreportsusingnatural language and execution information", Proceedings of International Conference on Software Engineering,2019 [13] R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Center Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [14] Qing L, Boyu Z, Jinhua W, Qin Qian L. Research “on key technology of network security situation awareness of private cloud in enterprises”, IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA),2019 [15] Kumar R, Kumar P. “Special issue on recent trends in artificial intelligence techniques for fault-tolerance, reliability and availability in mission-critical networks. Recent Adv Comput Sci Commun”. 20205.
Ad

Recommended

Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
IRJET Journal
 
Vulnerability Management in IT Infrastructure
Vulnerability Management in IT InfrastructureVulnerability Management in IT Infrastructure
Vulnerability Management in IT Infrastructure
IRJET Journal
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability Assessment
VESIT/University of Mumbai
 
IRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing SuiteIRJET- Cross Platform Penetration Testing Suite
IRJET- Cross Platform Penetration Testing Suite
IRJET Journal
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
IRJET Journal
 
IRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability ScanIRJET- Testing Web Application using Vulnerability Scan
IRJET- Testing Web Application using Vulnerability Scan
IRJET Journal
 
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET- Bug Hunting using Web Application Penetration Testing Techniques.
IRJET Journal
 
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
Using Fuzzy Clustering and Software Metrics to Predict Faults in large Indust...
IOSR Journals
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
F017652530
F017652530F017652530
F017652530
IOSR Journals
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
iosrjce
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET Journal
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
Ihor Uzhvenko
 
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTORWAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
vivatechijri
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
IRJET Journal
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
EECJOURNAL
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
IJERD Editor
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
IRJET Journal
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
IRJET Journal
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
IRJET Journal
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
IRJET Journal
 
J034057065
J034057065J034057065
J034057065
ijceronline
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
YogeshIJTSRD
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
IRJET Journal
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
theijes
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
Tawnia Beckwith
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
ijseajournal
 
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
IRJET Journal
 
BRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATIONBRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATION
IRJET Journal
 
Ad

More Related Content

Similar to A Study on Vulnerability Management (20)

IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
F017652530
F017652530F017652530
F017652530
IOSR Journals
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
iosrjce
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET Journal
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
Ihor Uzhvenko
 
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTORWAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
vivatechijri
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
IRJET Journal
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
EECJOURNAL
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
IJERD Editor
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
IRJET Journal
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
IRJET Journal
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
IRJET Journal
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
IRJET Journal
 
J034057065
J034057065J034057065
J034057065
ijceronline
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
YogeshIJTSRD
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
IRJET Journal
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
theijes
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
Tawnia Beckwith
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
ijseajournal
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
F017652530
F017652530F017652530
F017652530
IOSR Journals
 
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
A Review on Software Fault Detection and Prevention Mechanism in Software Dev...
iosrjce
 
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET- An Efficient Hardware-Oriented Runtime Approach for Stack-Based Softwa...
IRJET Journal
 
ByteCode pentest report example
ByteCode pentest report exampleByteCode pentest report example
ByteCode pentest report example
Ihor Uzhvenko
 
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTORWAVD: WEB APPLICATION VULNERABILITY DETECTOR
WAVD: WEB APPLICATION VULNERABILITY DETECTOR
vivatechijri
 
Bug Tracking System (BTS)
Bug Tracking System (BTS)Bug Tracking System (BTS)
Bug Tracking System (BTS)
IRJET Journal
 
Web Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and DiscussionWeb Applications Assessment Tools: Comparison and Discussion
Web Applications Assessment Tools: Comparison and Discussion
EECJOURNAL
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
IJERD Editor
 
CRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECASTCRIME EXPLORATION AND FORECAST
CRIME EXPLORATION AND FORECAST
IRJET Journal
 
IRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking SystemIRJET- A Review on Bug Tracking System
IRJET- A Review on Bug Tracking System
IRJET Journal
 
IRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application SystemIRJET-A Review of Testing Technology in Web Application System
IRJET-A Review of Testing Technology in Web Application System
IRJET Journal
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
IRJET Journal
 
J034057065
J034057065J034057065
J034057065
ijceronline
 
OWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference GuideOWASP Secure Coding Quick Reference Guide
OWASP Secure Coding Quick Reference Guide
Aryan G
 
Systematic Review Automation in Cyber Security
Systematic Review Automation in Cyber SecuritySystematic Review Automation in Cyber Security
Systematic Review Automation in Cyber Security
YogeshIJTSRD
 
Information hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted ImagesInformation hiding based on optimization technique for Encrypted Images
Information hiding based on optimization technique for Encrypted Images
IRJET Journal
 
Predicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network ApproachPredicting Software Defects Using Bayesian Network Approach
Predicting Software Defects Using Bayesian Network Approach
theijes
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
Tawnia Beckwith
 
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTSSECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
SECURING SOFTWARE DEVELOPMENT STAGES USING ASPECT-ORIENTATION CONCEPTS
ijseajournal
 

More from IRJET Journal (20)

Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
IRJET Journal
 
BRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATIONBRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATION
IRJET Journal
 
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
IRJET Journal
 
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ..."Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
IRJET Journal
 
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
IRJET Journal
 
Breast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer VisionBreast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer Vision
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 
FIR filter-based Sample Rate Convertors and its use in NR PRACH
FIR filter-based Sample Rate Convertors and its use in NR PRACHFIR filter-based Sample Rate Convertors and its use in NR PRACH
FIR filter-based Sample Rate Convertors and its use in NR PRACH
IRJET Journal
 
Kiona – A Smart Society Automation Project
Kiona – A Smart Society Automation ProjectKiona – A Smart Society Automation Project
Kiona – A Smart Society Automation Project
IRJET Journal
 
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
IRJET Journal
 
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
IRJET Journal
 
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based CrowdfundingInvest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
IRJET Journal
 
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
IRJET Journal
 
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUBSPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
IRJET Journal
 
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
IRJET Journal
 
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
IRJET Journal
 
BRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATIONBRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATION
IRJET Journal
 
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
IRJET Journal
 
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ..."Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
IRJET Journal
 
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
IRJET Journal
 
Breast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer VisionBreast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer Vision
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 
FIR filter-based Sample Rate Convertors and its use in NR PRACH
FIR filter-based Sample Rate Convertors and its use in NR PRACHFIR filter-based Sample Rate Convertors and its use in NR PRACH
FIR filter-based Sample Rate Convertors and its use in NR PRACH
IRJET Journal
 
Kiona – A Smart Society Automation Project
Kiona – A Smart Society Automation ProjectKiona – A Smart Society Automation Project
Kiona – A Smart Society Automation Project
IRJET Journal
 
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
IRJET Journal
 
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
IRJET Journal
 
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based CrowdfundingInvest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
IRJET Journal
 
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
IRJET Journal
 
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUBSPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
IRJET Journal
 
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
AR Application: Homewise VisionMs. Vaishali Rane, Om Awadhoot, Bhargav Gajare...
IRJET Journal
 
Ad

Recently uploaded (20)

"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E..."Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
Infopitaara
 
Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.
anuragmk56
 
AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)
Vəhid Gəruslu
 
some basics electrical and electronics knowledge
some basics electrical and electronics knowledgesome basics electrical and electronics knowledge
some basics electrical and electronics knowledge
nguyentrungdo88
 
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
charlesdick1345
 
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdffive-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
AdityaSharma944496
 
Artificial Intelligence (AI) basics.pptx
Artificial Intelligence (AI) basics.pptxArtificial Intelligence (AI) basics.pptx
Artificial Intelligence (AI) basics.pptx
aditichinar
 
Data Structures_Searching and Sorting.pptx
Data Structures_Searching and Sorting.pptxData Structures_Searching and Sorting.pptx
Data Structures_Searching and Sorting.pptx
RushaliDeshmukh2
 
Reagent dosing (Bredel) presentation.pptx
Reagent dosing (Bredel) presentation.pptxReagent dosing (Bredel) presentation.pptx
Reagent dosing (Bredel) presentation.pptx
AlejandroOdio
 
Data Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptxData Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptx
RushaliDeshmukh2
 
new ppt artificial intelligence historyyy
new ppt artificial intelligence historyyynew ppt artificial intelligence historyyy
new ppt artificial intelligence historyyy
PianoPianist
 
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptxExplainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
MahaveerVPandit
 
ELectronics Boards & Product Testing_Shiju.pdf
ELectronics Boards & Product Testing_Shiju.pdfELectronics Boards & Product Testing_Shiju.pdf
ELectronics Boards & Product Testing_Shiju.pdf
Shiju Jacob
 
Introduction to Zoomlion Earthmoving.pptx
Introduction to Zoomlion Earthmoving.pptxIntroduction to Zoomlion Earthmoving.pptx
Introduction to Zoomlion Earthmoving.pptx
AS1920
 
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G..."Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
Infopitaara
 
Level 1-Safety.pptx Presentation of Electrical Safety
Level 1-Safety.pptx Presentation of Electrical SafetyLevel 1-Safety.pptx Presentation of Electrical Safety
Level 1-Safety.pptx Presentation of Electrical Safety
JoseAlbertoCariasDel
 
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
inmishra17121973
 
introduction to machine learining for beginers
introduction to machine learining for beginersintroduction to machine learining for beginers
introduction to machine learining for beginers
JoydebSheet
 
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxLidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
RishavKumar530754
 
Smart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptxSmart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptx
rushikeshnavghare94
 
"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E..."Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
"Boiler Feed Pump (BFP): Working, Applications, Advantages, and Limitations E...
Infopitaara
 
Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.
anuragmk56
 
AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)
Vəhid Gəruslu
 
some basics electrical and electronics knowledge
some basics electrical and electronics knowledgesome basics electrical and electronics knowledge
some basics electrical and electronics knowledge
nguyentrungdo88
 
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
charlesdick1345
 
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdffive-year-soluhhhhhhhhhhhhhhhhhtions.pdf
five-year-soluhhhhhhhhhhhhhhhhhtions.pdf
AdityaSharma944496
 
Artificial Intelligence (AI) basics.pptx
Artificial Intelligence (AI) basics.pptxArtificial Intelligence (AI) basics.pptx
Artificial Intelligence (AI) basics.pptx
aditichinar
 
Data Structures_Searching and Sorting.pptx
Data Structures_Searching and Sorting.pptxData Structures_Searching and Sorting.pptx
Data Structures_Searching and Sorting.pptx
RushaliDeshmukh2
 
Reagent dosing (Bredel) presentation.pptx
Reagent dosing (Bredel) presentation.pptxReagent dosing (Bredel) presentation.pptx
Reagent dosing (Bredel) presentation.pptx
AlejandroOdio
 
Data Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptxData Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptx
RushaliDeshmukh2
 
new ppt artificial intelligence historyyy
new ppt artificial intelligence historyyynew ppt artificial intelligence historyyy
new ppt artificial intelligence historyyy
PianoPianist
 
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptxExplainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
Explainable-Artificial-Intelligence-XAI-A-Deep-Dive (1).pptx
MahaveerVPandit
 
ELectronics Boards & Product Testing_Shiju.pdf
ELectronics Boards & Product Testing_Shiju.pdfELectronics Boards & Product Testing_Shiju.pdf
ELectronics Boards & Product Testing_Shiju.pdf
Shiju Jacob
 
Introduction to Zoomlion Earthmoving.pptx
Introduction to Zoomlion Earthmoving.pptxIntroduction to Zoomlion Earthmoving.pptx
Introduction to Zoomlion Earthmoving.pptx
AS1920
 
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G..."Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
Infopitaara
 
Level 1-Safety.pptx Presentation of Electrical Safety
Level 1-Safety.pptx Presentation of Electrical SafetyLevel 1-Safety.pptx Presentation of Electrical Safety
Level 1-Safety.pptx Presentation of Electrical Safety
JoseAlbertoCariasDel
 
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
inmishra17121973
 
introduction to machine learining for beginers
introduction to machine learining for beginersintroduction to machine learining for beginers
introduction to machine learining for beginers
JoydebSheet
 
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxLidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
RishavKumar530754
 
Smart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptxSmart_Storage_Systems_Production_Engineering.pptx
Smart_Storage_Systems_Production_Engineering.pptx
rushikeshnavghare94
 
Ad

A Study on Vulnerability Management

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2497 A Study on Vulnerability Management Piyush Somani1, Poornima Kulkarni2 1Student, Department of Information Science and Engineering, RV College of Engineering, Bangalore, India 2 Assistant Professor, Department of Information Science Engineering, RV College of Engineering, Bangalore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Vulnerability Management is a pervasive problem in the development of any codebase. In the basic terms conceivable, a cyber vulnerability is any inaccuracy, shortcoming, or defect in an information system, internal control systems, or system processes of an organisation. It might be referred to as an imperfection or deficiency in the architecture of the code base which produces application malfunctions. Accordingly, it is important to implement a robust vulnerability management measure to avoid widespread assaults or even to mitigatethedamageinflicted by a cyberattack. In this work, a VulnerabilitiesManagement System (VMS) solution is proposed. Key Words: Software vulnerabilities, vulnerability management, vulnerability database, and vulnerability management system 1. INTRODUCTION Presently, firmware which governs an electronic device's operation are incorporated through every electrical appliance. Those application programs, developed by various engineers with such a smaller percentage of code, might well be enormously complicated and yet are later shown in a comprehensive technology program or project. Almost majority of cases, application software errors are caused from lingering problems or vulnerabilities insidethe code that can generate unforeseen consequences. The computer program is vulnerable to the impact of this flaw inside the programming language. Software vulnerabilities therefore are discovered in application softwareorsoftware platforms that also have unresolved issues, flaws, or vulnerabilities. Eventually, such program vulnerability provides a good example of the a point of entry into a software platform, which can cause significant harm to the system, that both computer hosting the software as well as the device associated towards the infected system Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. that both the computer hosting the software as well as the device associated with the infected system. Notwithstanding in all security protocols, as even more individuals are browsing the network, vulnerabilities are indeed being identified at an accelerating rate. Source code abnormalities, inconsistencies, and flaws can developinjust about any device that seems to have programming functionalities; consequently, detection mechanismsshould emerge both for attempting to resolve and mitigating software vulnerabilities. A hacker continually aims to break into the a system and acquire credentials that would give them access to sensitive data or resources. A cyberattack potentially lead to significant financial destruction, damage to someone's character, including loss of irreplaceable information. If this programming structure is subjected to penetration testers, then susceptibility areas must be detected. Figure 1 depicts a brief overview of vulnerability management has to be implemented. Fig 1. A Brief Overview of Vulnerability Management 1.1 Sub Heading 1 2. RELATED WORK This section focuses on research which has already been conducted. The existing work will serve as a foundation for something like the construction of a new vulnerable management system featuring advanced benefits. The author in [1] providesa novel vulnerabilitymanagement solution, known as the Software Vulnerability Integrated Management System (SV-IMS), has indeed been introduced by that of the authors in this study. That program can operate security screening to identify program weaknesses, as well as the outcomes of these kinds of tests could be seen on a different platform. Furthermore, it specifies the Popularly Known Scoring Scheme , a worldwide ratings system that evaluates the gravity of bugs.
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2498 The author in [2] describesSpringBootwhichisa java-based framework for building web and enterpriseapplicationsand how it provides the flexibility for service-oriented architecture (SOA). As a result, this paper suggests that the SOA based REST API using Spring Boot Framework has definite advantages over other spring-based frameworks. The author in [3] highlights the necessity of accurate and comprehensive information being provided in bug reports intended to assist inside the quicker response of errors. Nevertheless, following multiple cyclesofinteractionamong correspondents and programmers, relevant information frequently trickles to developers. Inefficient debugging methods are partially to blame for the prolonged information sharing. By recommending four main routesfor improvements, it tackles the issues with bug tracking systems. It also exhibits a proof-of-concept interactive bug tracking system that asks users for pertinent information and identifies files that need to be updated in order to remedy the fault. In [4] this research study, the author discusses Common Vulnerability Exposure (CVE) and Common Security Vulnerabilities Languages, two global, community-based efforts involving business, the public sector, and research. Although OVAL seeks to provide enough methods for comprehensive vulnerability analysis as well as result in standardized reporting information security standards for networks, CVE determines the best method for generating vulnerability notifications increasingly appropriate to different organisations. The authors in [5] describe thetoolsforprojectmanagement and issues/bugs tracking that are becoming useful for governing the development process of Open Source software. Such tools simplify the communications process among developers and ensurethescalabilityofa project.The more information developers are able to exchange, the clearer are the goals, and the higher is the number of developers keen on joining and actively collaborating on a project. The author [6] established a method that made use of a learning algorithm and depth of knowledge. Through using this, the cyber risk management identifies, assesses, and negates the problem automatically. Challenges, security risks, reputational harm, and Economic loss all are minimized by the proposed approach. The author in [7] provides information in order to identify the vulnerabilities for injection attacks, the author of this research has created an automated vulnerability scanner. The webpage is continuously analysed by this system for Cross - site request and Sql injectionattacks.TheNationwide Vulnerable Database, or Dynamic model, is also another component of the proposed system. The author in [8] provides data by building a vulnerability database, the author of this research study has developed a new technique for creating and managing vulnerabilities. A new National Vulnerability Dataset (NDV) platform may be used by different companies in this proposed study.A recently found bug could also be registered inside theNeeds to request database while still being referred to. In [9] the SCADA system's vulnerability is evaluated to use a paradigm that this researcher has developed in risk assessments. Three levels are engaged in this: Technology, Circumstances, and gateways. The systems with such a gateway and credential patterns serves as a foundation for this architecture. Overall impact of the operation is also analysed using the proposed framework, and countermeasures for strengthening computer security are developed. The author in [10] implies implementing a risk database management system. The use of security devices could be extended upon and using this online system. The architecture of the weaknesses information and indeed the technique for generating the problems information are presented in this research. 3. METHODOLOGY The objective of the vulnerabilities control system is to identify and evaluate any application software problems. The morphological inspection and static analysisareusedto conduct this assessment. Every weakness discoveredwill be reviewed, maintained in the VMS database, and tested if any software application is tested utilising the planned VMS technology. If indeed the identified exposure is a product, it can be registered in the VMS repository after already being evaluated either by various agencies. Comparable to the Appeared As early Points System, the Risk Monitoring System would not only discover the weaknessbutitwill also assess or rank its intensity. Fig 2. A Brief Overview of Scanning of Vulnerability Management System
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2499 A bug scanner, a process control platform,anda data storage comprise three main parts of the vulnerability management system. A bug scanner will have an unique interfaceitisonly for and has a variety of functional characteristics. Any member of a product's security teamcanusethisinterface to advise the scanner here about how to continue withthenext step. The computational system will analyse the computer user's code and binaries. Automatically selected procedures would be used to conduct this evaluation. Any weaknesses identified during the technology manufacturer's testing phase would be recorded in the database. Figure 2 depicts the use of the scanner. All previously unknown weaknesses would be recorded in the repository. Data processing is categorized into 4 main phases, comprisingfindingvulnerabilities,evaluatingvulnerabilities, resolving vulnerabilities, and disclosing vulnerabilities, throughout order to increase the effectiveness of scanning. Figure 3 depicts the four phases of the data processing. Fig 3. The four phases of the data processing. A. Finding Vulnerabilities The detection of risk is the most pivotal point in a Vulnerability Management system. The flaws in the evaluated software package would be disclosedasa resultof this process. Any open ports and functions that really are existent in the software programme would be scanned and recognized during this process. That information would be utilized to just provide summaries, statistics,aswell asother attributes. B. Evaluating Vulnerabilities The computer algorithm will have to evaluate all the risks once they've been identified and properly handled. Furthermore, overall intensity of the identified weakness will be evaluated in this phase, as well as the high transformation would beratedorassessed.Theorganization needs to determine how and where to highlight the identified issues that use these exposure ratings. C. Resolving Vulnerabilities It's essential to address risks after grading issues and prioritising many who were identified. The computer programmer of a tested application would be available seeing the weaknesses identified during this procedure. After that, the programmer has three alternatives regarding addressing the issue: rectification, abatement,andadoption. D. Disclosing Vulnerability The speed and agility of detecting and preventing computer products will increase with using risk managementsystems. Throughout this operation, a statement knownasa software agency's scan test will indeed be created. A visual representation using several variables, including such risk scoring, etc., would be accessiblewiththeVMSsystem.Every user also may raise a ticket at this point to accelerate the sharing of the comprehensive study or data 4.IMPROVING VMS SYSTEM The complete details in the first vulnerability report, or as soon as possible, aid programmersinresolvingtheissue fast. This work aims at enhancing vulnerability scanningsystems with the intent of creating vulnerability reports increasingly comprehensive. Researchers are particularly consisting of four ways to enhance vulnerability scanning systems. A. Equipment Based Vulnerability scanning processor architectures' characteristics are augmented with equipment based enhancements. Those that can help alleviate the hardship of knowledge storage and distribution. Vulnerability scanning processes, for instance, can be designed to automatically pinpoint the pertinent automatically send as well asaddthis to an user query. Besides that, having provided stages to produce offspring can indeed be done by machines through using acquisition techniques ormeta;actual behaviourcould be easily proved by standardising screen grab; and possible solutions can indeed be automatically generated. Every one of the case studies above are intended to assist inside the collection of information required by dev’s to identify vulnerabilities. B. Knowledge Based The material becoming supplied by the reporters is the immediate priorityoftheseimprovements.Technologieslike Cedilla , that provide real-time assessment on the value of the evidence provided and what can be added to maximize
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2500 value, can be implemented into vulnerability systems. Reporters may be encouraged above and beyond andcollect more data if indeed the system gives helpful recommendations. Technologies could be further modified to perform out assessmentmethods,includingsuchverifying that supplied modifications are acceptable as well as the reported stack tracing is accurate and consistent C. Technique Based Technique-centric enhancements to vulnerability management systems concentrate on coordinating adware efforts. Selecting whichever worker will fix a bug, for example, could be mechanized to accelerate the process. Additional instances involve giving users an advance approximation of that when their issue wouldberesolved or create and encourage of something like the advancement achieved on event logs (so that reportsareknowledgeableof the ways of responding to their efforts). D. User Based Reporters and programmers are both included in this. Reporters can understand what to do togetmaterial orwhat to provide. Engineers also can benefit from similar requirements on what characteristics to expect in reports and use this information to resolve bugs. 5. ADVANTAGES Some of the proposed benefits of the Vulnerability Management systems are envisioned as follows: A. Increased Security Software that has security weaknesses give hackers a way into the computer network. Finding these vulnerabilities is essential for protecting all assets and corporate data. Following that, these problems are rated for severity and given a priority. The evaluated report aids in fixing IT asset weaknesses and shielding them from cyber-attacks that might expose the network to security risks. Furthermore, IT security professionals are able to locate vulnerabilities remotely without being present physically in the computer environment. They can manage high-risk problems with the least amount of IT resources thanks to it.Figure4depictsthe increase in security of data. Fig 4. An example of increased security B. Operational Efficiency IT security professionals may remedy the most serious IT security concerns immediately and deal with the lesserones afterwards with the review of the vulnerability list. The uncertainty during the clean-up process is eliminated if the effect of the potential dangers to the business is identified. Additionally, organisations may remotely automate and manage vulnerabilities. As a consequence, it saves time and improves operational efficiency by lessening the burden of owning and maintaining hardwareandsoftwareupgrades.A thorough vulnerability management solution significantly reduces the work required by the security team. To reduce the likelihood of cyberattacks and improve the security posture, limited IT resources will be needed. C. Far Less Expensive No matter what kind of digital marketing strategy your business is involved in, overcrowding will always be an obstacle to success. Competing against a large marketing budget no longer has to play a factor in the ability to achieve success. It is a very good marketing platform related to marketing and anyone can do it! Paid ads quickly shut down small businesses that companies can afford. D. Visibility and Reporting The visibility of the security teams would suffer if the vulnerability reports are manually compiled across hundreds of assets. It is challenging to display the vulnerability data from one scan to another using conventional methodologies. Consequently, it is imperative to have a complete vulnerability management system with an operational dashboard. It provides a security flaw's severity rating, charts, solutions recommendations, and creates personalised reports, all of which assist in establishing a strong case for new security activities. An IT team may then secure their computer environment with better-informed security decisions. Additionally, they may begin the remedy process immediately following each report. It helps teams operate more efficiently, lessens team fatigue, and takes the guesswork out of things. 6. CONCLUSIONS The research introduced the Vulnerability Management System (VMS), which will identify and report a software product's vulnerabilities. We will researchthecurrentthreat detection model and evaluate its effectiveness and speed of detection. Afterwards, we'll trytocreatea model thatmodels outcomes greater rapidly, correctly, and efficiently. The improvised model also will determine the severity of an impact a weakness will have on the system, helping in prioritising vulnerabilities. Existing vulnerability management systems do not adequately extract all of the necessary information by
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 09 Issue: 07 | July 2022 www.irjet.net p-ISSN: 2395-0072 © 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 2501 designers. Users believe vulnerability scanningtechnologies must be upgraded to efficiently obtain data because without it, developers can easily fix errors. The study postulates five main areas for improvement. It may be preferable to make a series of changes from some of these categories, problem tracking systems may also want to specialise, giving a wide variety of choices. In comparison to existing scenarios, where they all offer the same functionality, this would be a welcome improvement. Researchers also defined an online system of collecting data from reports and utilising that tool to determine the error's source as an example of the kind of enhancements we support. Researchers ran a preliminary analysis wherein the researchers mimicked a dynamic bug monitoring system in order to demonstratetheusefulnessof that kind of proposal. In order to obtain relevant data about the defect immediately on and recommend prospective documents that need to be fixed, the system prompts the user situationally questions. This one will definitely speed the vulnerability process. Inside, we will develop from the dynamic system's current prototypes to a complete system which can manage a range of information gathering, as is commonly seen in the real world.. REFERENCES [1] Madalina Aldea, Daniel Georgica, Victor Croitoru, “Software Vulnerabilities Integrated Management System”, 2020 13th International Conference on Communications (COMM), IEEE, 2020: pp. 97 - 102, doi: 10.1109/COMM48946.2020.9141970 [2] K. Guntupally, R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Centre Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [3] GeonLyang Kim, JinTae Oh, DongI Seo, JeongNyeo Kim, “The Design of Vulnerability Management System”, International Research Journal of Engineering and Technology (IRJET)e-ISSN:2395-0056Volume:08Issue: 11 | Nov 2021 www.irjet.net p-ISSN: 2395-0072©2021, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 28IJCSNSInternational Journal of Computer Science and Network Security, VOL.13 No.4, April 2013: pp. 19 – 24 [4] Manoj Kumar, Arun Sharma, “An integrated framework for software vulnerability detection, analysis and mitigation: an autonomic system”, Indian Academy of Sciences Sadhana Vol. 42, No. 9, September 2017, pp. 1481–1493, doi: 10.1007/s12046-017-0696-7 [5] Chee-Wooi Ten, Chen-Ching Liu, Govindarasu Manimaran, “Vulnerability Assessment of Cybersecurity for SCADA Systems”, IEEE Transactions on Power Systems, Vol. 23, no. 4, November 2008, pp. 1836-1846, doi: 10.1109/TPWRS.2008.2002298.ff [6] Y. Jin, Z. Lin and H. Lin, "The Research of Search Engine Based on Semantic Web," 2020International Symposium on Intelligent Information Technology Application Workshops, 2020, pp. 360-363, doi: 10.1109/IITA.Workshops.2020.193. [7] Armold; Hyla, Rowe, “Automatically Building an Information-Security VulnerabilityDatabase”,2006IEEE Information Assurance Workshop”, 21-23 June2006, pp. 376-377, doi: 10.1109/IAW.2006.1652119 [8] Andrey Fedorchenko, Igor Kotenko, Andrey Chechulin, “Design of Integrated Vulnerabilities Database for Computer Networks Security Analysis”, 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, 4-6 March 2015, pp. 559-566, doi: 10.1109/PDP.2015.38 [9] M. Rajaram and S. L. S. Vadivu, "Web caching in Semantic Web based multiple search engines," 2010 IEEE International Conference on Computational Intelligence and Computing Research, 2019, pp. 1-7, doi: 10.1109/ICCIC.2019.5705850. [10] Ching-Huang Lin, Chih-Hao Chen, Chi-Sung Laih, “A Study and Implementation of Vulnerability Assessment and Misconfiguration Detection”, 2008 IEEE Asia-Pacific Services Computing Conference, 9-12 Dec. 2008, pp. 1252-1257, doi: 10.1109/APSCC.2008.212 [11] Jan-Min Chen, Chia-Lun Wu, “An automated vulnerability scanner for injection attack based on injection point”, 2010 International Computer Symposium (ICS 2010), 16-18 Dec. 2010, pp. 113 – 118, doi: 10.1109/COMPSYM.2010.5685537 Computational Intelligence and Computing Research, 2020, pp. 1-7, doi: 10.1109/ICCIC.2020.5705850. [12] W. Xiaoyin, Z. Lu, X. Tao, J. Anvik and J. Sun, "An approach to detectingduplicatebugreportsusingnatural language and execution information", Proceedings of International Conference on Software Engineering,2019 [13] R. Devarakonda and K. Kehoe, "Spring Boot based REST API to Improve Data Quality Report Generation for Big Scientific Data: ARM Data Center Example," 2018 IEEE International Conference on Big Data (Big Data), 2018 [14] Qing L, Boyu Z, Jinhua W, Qin Qian L. Research “on key technology of network security situation awareness of private cloud in enterprises”, IEEE 3rd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA),2019 [15] Kumar R, Kumar P. “Special issue on recent trends in artificial intelligence techniques for fault-tolerance, reliability and availability in mission-critical networks. Recent Adv Comput Sci Commun”. 20205.