<a href="https://colab.research.google.com/github/guilhermelaviola/CybersecurityProblemSolvingWithDataScience/blob/main/Class09.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# **Vulnerability Analysis**
Information security is a dynamic field that requires continuous vigilance, with vulnerability management being a key component. Vulnerability management involves identifying, analyzing, prioritizing, and mitigating weaknesses in systems, networks, and applications to prevent unauthorized access or disruption. Vulnerabilities may arise from programming errors, misconfigurations, outdated software, or inadequate security practices. Effective management combines automated tools like vulnerability scans with manual analysis by experts, followed by timely remediation such as patching, configuration changes, and enhanced security controls. A comprehensive approach also emphasizes user education, regular security testing, and fostering a security-conscious culture to minimize risks and protect organizational assets.

## **Basic vulnerability scan simulation**

In [1]:
systems = {
    'Server1': ['outdated_software', 'weak_password'],
    'Server2': ['misconfiguration'],
    'Workstation1': [],
    'Workstation2': ['unpatched_os']
}

def scan_vulnerabilities(systems):
    report = {}
    for system, vulnerabilities in systems.items():
        if vulnerabilities:
            report[system] = vulnerabilities
    return report

vuln_report = scan_vulnerabilities(systems)

print('Vulnerability Scan Report:')
for system, vulns in vuln_report.items():
    print(f'{system}: {', '.join(vulns)}')

Vulnerability Scan Report:
Server1: outdated_software, weak_password
Server2: misconfiguration
Workstation2: unpatched_os


## **Vulnerability scan with severity prioritization**

In [2]:
systems = {
    'Server1': [
        {'vuln': 'outdated_software', 'severity': 8},
        {'vuln': 'weak_password', 'severity': 6}
    ],
    'Server2': [
        {'vuln': 'misconfiguration', 'severity': 5}
    ],
    'Workstation1': [],
    'Workstation2': [
        {'vuln': 'unpatched_os', 'severity': 9}
    ]
}

def prioritize_vulnerabilities(systems):
    prioritized_report = {}
    for system, vulns in systems.items():
        if vulns:
            # Sort vulnerabilities by severity descending
            sorted_vulns = sorted(vulns, key=lambda x: x['severity'], reverse=True)
            prioritized_report[system] = sorted_vulns
    return prioritized_report

vuln_report = prioritize_vulnerabilities(systems)

print('Prioritized Vulnerability Report:')
for system, vulns in vuln_report.items():
    print(f'{system}:')
    for v in vulns:
        print(f'  - {v['vuln']} (Severity: {v['severity']})')


Prioritized Vulnerability Report:
Server1:
  - outdated_software (Severity: 8)
  - weak_password (Severity: 6)
Server2:
  - misconfiguration (Severity: 5)
Workstation2:
  - unpatched_os (Severity: 9)
