www.ijcrt.org © 2018 IJCRT | Volume 6, Issue 2 April 2018 | ISSN: 2320-2882 IJCRT1807084 International Journal of Creative Research Thoughts (IJCRT) www.ijcrt.org 688 Layered Architecture for Security Vulnerabilities Assessment -A Cornerstone of Effective Security Planning Chanchala Joshi #1 , Umesh Kumar Singh #2 #1 Institute of Computer Science, Vikram University, Ujjain, India,chanchala.joshi@gmail.com #2 Institute of Computer Science, Vikram University, Ujjain, India, umeshsingh@rediffmail.com ABSTRACT With the increasing growth of Internet it is extremely difficult to prevent unauthorized users from compromising the confidentiality, the integrity or the availability (CIA) of sensitive information. The development of comprehensive safety and security plans commonly overlooked the critical foundation step of vulnerabilities assessment. Knowing what vulnerabilities exist and could therefore be exploited allows organizations and businesses to pool that information with their knowledge of potential risks and threats to their operations and build their plans accordingly. Organizations need to have a clear plan in place to help better mitigate the vulnerabilities lies in the network or information system. This paper presents a layered architecture for identification and assessment of security vulnerabilities.The developed architecture evaluates the organization’s current policies and common practices and helps in identification and assessment of vulnerabilities by enlisting the aid of trained security professionals. Making the investment in a methodical assessment process will ensure the next steps in developing a safety and security plan are most effective and no more costly than necessary. Key words:network security; vulnerability analysis; vulnerability scanner; security threats Corresponding Author: Chanchala Joshi I. INTRODUCTION Use of computers is increasing day by day, which leads to increasing System’s complexity. Most of the systems now are connected to the Internet. New and sophisticated software are coming in the market. All these activities are tremendously increasing vulnerabilities in systems. The vulnerability is a weakness or flaws in software applications or computer networks, which can be implementation bugs or design or implementation flaws that allow an attacker to cause harm to the user of the application and get extra privilege [1]. Vulnerabilities are the potential risk for the system. The attacker uses these vulnerabilities to exploit the system and get unauthorized access and information. Vulnerabilities are a significant flaw in system security and Information assurance. Attackers use these threats and vulnerabilities to exploit the network system or victim’s machine. It is better for security person or network administrator to identify the vulnerabilities present in the system in advance by before an attacker does. In organizations’, the need for vulnerabilities detection and assessment is usually underestimated till now. It is just considered as a formality activity and use by decidedly fewer people. By performing regular and consistence vulnerability assessment, we can reduce a substantial amount of risk to be attacked and have more secure systems. This chapter illustrates the performance of vulnerability assessments to identify weaknesses in systems