Hi all, today's talk is about another big 3 in infosec. That's right, as the title infers, today we'll be going over what exactly is a vulnerability, threat, and a risk in a network.
Vulnerability
Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware.
Threat
A person or thing likely to cause damage or danger. In this case, anything or anyone that can exploit a vulnerability we learned about earlier.
Risk
Finally, we have risk. Typically a risk exposes someone or something valued to danger, harm, or loss. In the infosec world it's practically the same. I'd tailor it to be defined as "a result of a potential threat exploiting a vulnerability creating a potential loss of, damage, or destruction of an asset".
Outro
Apologies for all of the theoretical content. I do want to pivot over to practical content, eventually. Currently I train my practical skills everyday but it's nothing I'm allowed to share at the moment. When I start doing projects I will keep you all in the loop. For now, you're stuck with my bad theoretical content. Haha, take care all.