Kit Arvin R Cadiente | Rafael A Castro | Elia Van A Gica | Kathrice Marie C Mora | Joan V Ternio
The purpose of this project is to establish a Vulnerability Management process for Journey Tech Inc., to be periodically conducted by their organization as it is important for an organization to perform continuous vulnerability management and remediation so weaknesses and vulnerabilities may be discovered before they can be exploited. The Vulnerability Assessment and Penetration Testing Work Flow was used as the methodology as it comprises all of the necessary steps to the VAPT process such as Vulnerability Detection, Attack and Penetration, and Remediation. The implementation of the project objectives were done in a simulated virtual environment where the twelve (12) servers and the firewall appliance of the company were replicated. The researchers used the OpenVAS tool to execute Vulnerability Detection while Metasploit was used for Penetration testing. The suggested Remediation solutions and fixes stated in the Vulnerability scan reports produced were applied to the machines to significantly decrease the number of vulnerabilities found per machine. The results were monitored and each objective was tested to verify that the client’s requirements were properly met. The researchers also provided a network enhancement proposal and a proposed remediated network topology.