Abstract: Method and apparatus for Vulnerability Assessment techniques is disclosed. A method comprises detecting an event on a target in real time or at periodic intervals, by at least one of an OS service, an OS command, a hook, and an API. The event comprises a change in status of at least one of a network interface, a server network service, a client network service, and a port. An apparatus comprises a target having at least one of a deployed server network service, and a deployed client network service; and an agent deployed on the target, to detect an event on the target in real time or at periodic intervals. At least one of the agent and the VA server detect the event comprising a change in the status of at least one of a network interface, the server network service, the client network service, and a port.