Vulnerability Assessment Project

Test your vulnerability assessment skills as your progress through seven challenges leveraging free-to-use security tools and services.

1 hour, 14 minutes

Project Description

First you'll set up your environment using JDK 11, Maven 3.6.3 and Git. Then you'll use SNYK, static application security testing with Coverity Scan and a risk assessment template to discover, identify and rate the CWEs and CVEs. Finally, you'll find the most appropriate fixes for the two vulnerabilities with the highest risk.


Project Solutions

File - 00:10:00

This document contains solutions to the project challenges.
Risk Assessment Template

File - 00:10:00

The template you will need to complete this project.
Project Prerequisites

File - 00:10:00

Files and links you will need to complete this project.
Project Challenges

File - 00:10:00

Description of the challenges you need to complete as part of this project.

Video - 00:09:00

Demonstration of SNYK.
OTX Demo

Video - 00:05:00

Demonstration of OTX.
Coverity Scan Demo

Video - 00:17:00

Demonstration of Coverity Scan.
Project Walkthrough

Video - 00:03:00

This video walks you through the project, explaining what needs to be done in each of the challenges.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments