International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 09 Issue: 07 | July 2022
p-ISSN: 2395-0072
www.irjet.net
Vulnerability Management in IT Infrastructure Raghav Taori1, Jali Rohan2, Raghavendra Prasad SG3, Dr. K.B. Ramesh4, Suryanarayana Vijay5 Department of Information Science and Engineering, R V College of Engineering, Bangalore, India Department of Electronics and Instrumentation Engineering, R V College of Engineering, Bangalore, India 5Hewlett Packard Enterprise ---------------------------------------------------------------------***--------------------------------------------------------------------1,3
2,4
Abstract – In today's world, cyber security is a major
or not, and whether a false-positive will occur next time around. We came up with a solution to make the task of remediating these vulnerabilities to closure more effective, efficient, and transparent for Security Admins, Infra Admins, and Asset Owners. Vulnerability reports will mainly contain the following information:
concern, and its risks can have far-reaching effects for organizations. The newspaper headlines are dominated by stories about data breaches, for instance. The company suffers from lowered trust levels, and its revenue suffers as a result. Therefore, it is important to comply with security policies. At present, security management processes are manual and need some intelligence and automation. A vulnerability report can be generated in several formats, such as XML, Excel, or CSV. We aim to make the critical infrastructure of the organization cyber-secure and automate the manual process of identifying mission critical assets, threat surfaces, vulnerabilities, and remediation procedures. Our solution was to create a web portal that allows asset owners to log in and see all their assets with vulnerabilities, which can then be remedied according to the solutions provided by the security lead. A web portal was developed using MONGO DB, NODE JS, EXPRESS JS, and REACT JS, so that the user could access the reports from the NOSQL database in an organized way. Besides data analytics, mail escalation, and false positive detection, other features have been implemented as well. Data centers, research labs, and other locations are included in the scope of this project. Assets such as crash & burn and other assets that are not mission-critical are not included in the product.
IP address
CVSS or Severity
Scan date
Comparative study of some applications made in the Vue.js and React.js frameworks [1]. There has been a significant increase in demand for these technologies stacks due to the growing desire for faster systems that are better than the traditional systems. Several JavaScript frameworks are available that have features such as popularity, ease of use, and integration with different technologies. ReactJS and VueJS are compared clearly in terms of the above-mentioned features as well as others. Performance comparison and evaluation of Node.js and traditional web server (IIS) [2]. An analysis of discrete choice models' estimation process has been presented by the author. In the publication, Maximum Likelihood Estimation is described. Due to this, users can estimate many models, including multinomial logit, hybrid models, and others. Moreover, by employing a high number of iterations, the approach aims to eliminate any biases or inclinations that may exist in the model and produces equal weighted answers.
A vulnerability is a weakness in a system that allows threats to compromise assets. It is inevitable that all systems will have vulnerabilities. Vulnerability assessments help identify vulnerabilities using vulnerability scans. Performing a vulnerability assessment on a system is a systematic way of identifying its vulnerabilities and weaknesses ahead of time. Identifying loopholes ahead of time through vulnerability assessments allows any organization to safeguard itself against cyberattacks. We can obtain vulnerability alert reports from tools such as Tenable, Qualys, etc. In order to remedy these vulnerabilities, these reports are currently being analyzed manually, and emails are being sent to the asset owners. The security lead has a tough time determining whether the vulnerabilities have been remedied
Impact Factor value: 7.529
1.1 LITERATURE SURVEY
1. INTRODUCTION
|
Vulnerability name
It is possible to generate vulnerability reports in a variety of formats, such as XML, Excel, or CSV. Our primary objective is to make mission-critical assets cyber-security compliant and automate the manual tasks of identifying mission-critical assets, threat surfaces, and resolving vulnerabilities.
Key Words: Cybersecurity, Security Management, Vulnerability assessment, cyber-security compliant, Mission critical assets, React JS, Node JS, MongoDB, Web Application, MERN Stack
© 2022, IRJET
Research and Application of Node.js Core Technology [3]. Early on in the development of a network, various technologies were employed for front-end and back-end development. With the debut of node.js, the development of the website has undergone enormous changes. A server-side
|
ISO 9001:2008 Certified Journal
|
Page 2637