Vulnerability Scan


Definition

A vulnerability scan is an automated method for identifying potential vulnerabilities. It acts as one step in the vulnerability management process. The scanner usually does not exploit the vulnerabilities it identifies. Two types of vulnerability scans are distinguished.

Unauthenticated scans search for weaknesses at the network level, which makes it easy to identify configuration issues. Authenticated scans cover the internals of the scanned systems. Commonly, an authenticated scan is able to identify missing security patches.

Typically, a vulnerability scan generates an extensive report of vulnerabilities found. The report also provides references for further research on the vulnerability as well as directions to fix the identified issues.
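The comparison at the heart of an authenticated scan, and the kind of report entry it yields, can be sketched as follows. This is an added example, not code from any of the tools named on this page: the inventory, advisory IDs and URLs are constructed placeholders, and versions are assumed to be plain dotted numbers (real scanners apply distribution-specific version rules).

```python
"""Added example: missing-patch check of an authenticated scan (constructed data)."""

# Constructed inventory, as an authenticated scan would collect from inside a host.
INSTALLED = {"openssl": "3.0.2", "sudo": "1.9.15", "nginx": "1.18.0"}

# Constructed advisory feed; IDs and URLs are placeholders, not real advisories.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "package": "openssl", "fixed_in": "3.0.10",
     "reference": "https://advisories.example/EXAMPLE-0001"},
    {"id": "EXAMPLE-0002", "package": "sudo", "fixed_in": "1.9.9",
     "reference": "https://advisories.example/EXAMPLE-0002"},
    {"id": "EXAMPLE-0003", "package": "curl", "fixed_in": "8.4.0",
     "reference": "https://advisories.example/EXAMPLE-0003"},
]


def parse_version(text):
    """Turn '3.0.10' into (3, 0, 10) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.split("."))


def is_older(installed, fixed_in):
    """True when installed < fixed_in; shorter versions are zero-padded."""
    a, b = parse_version(installed), parse_version(fixed_in)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def scan(installed, advisories):
    """Return one report finding per advisory whose fix is not yet installed."""
    findings = []
    for adv in advisories:
        have = installed.get(adv["package"])
        if have is None:  # package not present: advisory does not apply
            continue
        if is_older(have, adv["fixed_in"]):
            findings.append({
                "id": adv["id"], "package": adv["package"], "installed": have,
                "reference": adv["reference"],
                "fix": f"upgrade {adv['package']} to {adv['fixed_in']} or later",
            })
    return findings


if __name__ == "__main__":
    for f in scan(INSTALLED, ADVISORIES):
        print(f"{f['id']}: {f['package']} {f['installed']} -> {f['fix']} ({f['reference']})")
```

A plain string comparison would rank "3.0.2" above "3.0.10" and miss the outdated package, which is why the versions are parsed into integers first.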

Certain standards require regular vulnerability scans. Most famously, the Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.2 covers scanning:

"Run internal and external network vulnerability scans at least quarterly and after any significant change in the network."

A number of open source tools for vulnerability scanning are available.

  • OpenVAS
  • OWASP Zed Attack Proxy (ZAP)
  • Nmap
