Results & Remediation
Understanding Results
Now that we have completed our vulnerability scan and have gained an understanding of what vulnerabilities exist on our network/system, we need to understand what it all means!
Understanding the results of a vulnerability scan requires a lot of time and skill. In order to interpret the results of a vulnerability scan, the following steps should be followed:
Review Vulnerability Details: Carefully examine the details of each identified vulnerability. You need to understand the affected component (software, service, OS, configuration, etc.) and the potential impact it could have.
Evaluate Severity: Review the risk rating that is associated with each vulnerability. You will want to prioritize the vulnerabilities based on their score and severity. The most critical ones should be addressed first.
Analyze Exploitability: How easy is this vulnerability to exploit? What is the impact if it is exploited? Understanding how easy it is to exploit (for example, whether working exploit code is publicly known) helps determine how quickly the vulnerability should be fixed.
Contextualize Findings: Understand the environment you are working in. Not all vulnerabilities are relevant or applicable to every environment. Confirm that each identified vulnerability actually applies to the infrastructure and applications in use (a finding against a service that is not exposed or not running may be a false positive or a lower priority).
Cross-Reference with a Vulnerability Database: Do your own research on the vulnerabilities in available CVE databases or vendor advisories. This can help you gather more information and a better understanding. Do not just rely on what the vulnerability scanner tells you; go and research it yourself using the skills we have learned.
Validate Findings: Do not just rely on CVE databases and the vulnerability scanner. Do your own research and validate what you have already learned.
Prioritize & Remediate: From your findings and research you will have learned each vulnerability's severity, exploitability and relevance to the environment. You will then need to prioritize each vulnerability for remediation. Keep in mind that the organization might not be able to fix ALL vulnerabilities; it has limited resources. Make sure the developed plan addresses each vulnerability and how to fix it (apply patches, update software, reconfigure security settings, or implement security policies/procedures to mitigate the vulnerability).
Monitor & Rescan: After the company/organization has addressed the vulnerabilities, a rescan should be performed to make sure the vulnerabilities have actually been fixed and no new vulnerabilities have been introduced. Keep in mind that the company/organization might not address every vulnerability that has been discovered due to limited resources (think employee work hours), so the rescan should also confirm which findings are still open. Systems or devices that have been fixed should be monitored to make sure they are still functioning correctly and no unforeseen issues have been introduced.
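As an added example that is not part of the original page, the following Python models the prioritize-and-rescan steps above: each constructed finding carries the scanner's severity score, an exploitability flag and an exposure flag, a composite rank decides the remediation order, and a rescan comparison reports what was fixed, what is still open, and what is new. The weights, host names and CVE placeholders are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    host: str
    cve: str              # placeholder ids below, not real CVE numbers
    cvss: float           # severity as reported by the scanner
    exploit_public: bool  # exploitability: working exploit code is known
    internet_facing: bool # context: is the affected host exposed?

def rank(f: Finding) -> float:
    """Composite priority: scanner severity, bumped when exploit code is
    public and when the host is exposed (assumed weights: +2.0 and +1.0)."""
    score = f.cvss
    if f.exploit_public:
        score += 2.0
    if f.internet_facing:
        score += 1.0
    return score

def remediation_order(findings):
    """Highest-ranked findings first; these should be addressed first."""
    return sorted(findings, key=rank, reverse=True)

def compare_rescan(before, after):
    """Compare two scans keyed by (host, cve).
    Returns (fixed, still_open, new) as sorted lists of keys."""
    b = {(f.host, f.cve) for f in before}
    a = {(f.host, f.cve) for f in after}
    return sorted(b - a), sorted(b & a), sorted(a - b)

# Constructed sample data: an initial scan and a rescan after remediation.
INITIAL_SCAN = [
    Finding("web01", "CVE-EXAMPLE-1", 9.8, True, True),
    Finding("db01", "CVE-EXAMPLE-2", 9.8, False, False),
    Finding("web01", "CVE-EXAMPLE-3", 5.3, True, True),
    Finding("hr-pc", "CVE-EXAMPLE-4", 7.5, False, False),
]
RESCAN = [
    Finding("db01", "CVE-EXAMPLE-2", 9.8, False, False),  # not yet patched
    Finding("web01", "CVE-EXAMPLE-5", 6.5, False, True),  # newly introduced
]

if __name__ == "__main__":
    for f in remediation_order(INITIAL_SCAN):
        print(f"{rank(f):5.1f}  {f.host:6}  {f.cve}")
    fixed, still_open, new = compare_rescan(INITIAL_SCAN, RESCAN)
    print("fixed:", fixed, "\nstill open:", still_open, "\nnew:", new)
```

Note that a medium-severity finding with public exploit code on an exposed host (CVE-EXAMPLE-3) outranks a higher-CVSS finding on an internal workstation, which is the point of contextualizing rather than sorting by score alone.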