Vulnerability Scan


Definition

A vulnerability scan is an automated method for identifying potential vulnerabilities. It is one step in the vulnerability management process. The scanner does not exploit the vulnerabilities it identifies.

Two types of vulnerability scans are distinguished. Unauthenticated scans search for weaknesses at the network level. This way, configuration issues and misconfigured databases or applications can easily be identified. Authenticated scans cover the internals of the IT systems. Most importantly, this allows the scanner to identify missing security patches.

Typically, a vulnerability scan generates an extensive report of the vulnerabilities found. The report also provides references for further research on each vulnerability. Some reports even offer directions to fix the problem.

Certain standards require regular vulnerability scans. Most famously, the Payment Card Industry Data Security Standard (PCI DSS) Requirement 11.2 covers scanning:

Run internal and external network vulnerability scans at least quarterly and after any significant change in the network.

A number of open source tools for vulnerability scanning are available.

  • OpenVAS
  • OWASP Zed Attack Proxy (ZAP)
  • Nmap
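
As an added example (not part of the original page), the following Python sketch shows how the report from an unauthenticated, network-level scan can be triaged for the misconfigured databases mentioned above. It parses Nmap's XML output format (`-oX`); the sample report, the `DATA_STORE_SERVICES` set and the function name `exposed_data_stores` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output; the addresses come from the
# RFC 5737 documentation range and do not describe a real network.
SAMPLE_REPORT = """<nmaprun scanner="nmap">
  <host><address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH"/></port>
      <port protocol="tcp" portid="3306"><state state="open"/><service name="mysql" product="MySQL" version="5.5.62"/></port>
      <port protocol="tcp" portid="5432"><state state="filtered"/><service name="postgresql"/></port>
    </ports></host>
  <host><address addr="192.0.2.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
      <port protocol="tcp" portid="6379"><state state="open"/><service name="redis"/></port>
    </ports></host>
</nmaprun>"""

# Assumption for this example: service names treated as data stores that
# should not be reachable from the scanner's position on the network.
DATA_STORE_SERVICES = {"mysql", "postgresql", "redis", "mongodb"}


def exposed_data_stores(report_xml):
    """Return sorted (address, port, service, version) tuples for open data-store ports."""
    findings = []
    for host in ET.fromstring(report_xml).iter("host"):
        addr_el = host.find("address")  # first address element of the host
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        for port in host.iter("port"):
            state = port.find("state")
            service = port.find("service")
            if state is None or state.get("state") != "open" or service is None:
                continue  # closed or filtered ports are not reachable services
            name = service.get("name", "")
            if name in DATA_STORE_SERVICES:
                version = " ".join(filter(None, (service.get("product"), service.get("version"))))
                findings.append((addr, int(port.get("portid")), name, version or "unknown"))
    return sorted(findings)


if __name__ == "__main__":
    for addr, port, name, version in exposed_data_stores(SAMPLE_REPORT):
        print(f"{addr}:{port} {name} ({version}) is reachable from the scan position")
```

A finding here only means the service answered on the network; whether it is actually misconfigured or missing patches still has to be confirmed, for example with an authenticated scan.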
