October 1999
·
5 Reads
·
4 Citations
This paper deals with network security assessment. We discuss currently available network security assessment tools and provide a categorization of their limitations. We revisit the methodology that the tools are based on, the flaw-hypothesis testing methodology. We then discuss the application of the methodology to network security assessment and discuss what is necessary to augment current network security assessment tools to make the testing methodology more holistic so confidence can be placed in the results reported by the tools.