Vulnerability are internal factors, thus weakness or flaw in code, design, configurations among others that create security compromise to data or information confidentiality, integrity and availability. It can create a possible attack vector for intruder to access an autonomous system. Threat is externally controlled and it is the condition that cause harm, loss, damage or compromise of an asset. Vulnerability ones known to an intruder becomes a threat and requires mitigation. Risk in simple terms is vulnerability multiplied by threat. Thus the probability that of realization of a threat.