Vulnerability Analysis

Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.

  • T1020: Determine the operational and safety impacts of cybersecurity lapses
  • T1041: Determine impact of software configurations
  • T1069: Evaluate organizational cybersecurity policy regulatory compliance
  • T1070: Evaluate organizational cybersecurity policy alignment with organizational directives
  • T1079: Develop cybersecurity risk profiles
  • T1084: Identify anomalous network activity
  • T1091: Perform authorized penetration testing on enterprise network assets
  • T1118: Identify vulnerabilities
  • T1119: Recommend vulnerability remediation strategies
  • T1229: Maintain deployable cyber defense audit toolkits
  • T1279: Prepare audit reports
  • T1341: Perform required reviews
  • T1489: Correlate incident data
  • T1619: Perform risk and vulnerability assessments
  • T1620: Recommend cost-effective security controls