What is Vulnerability Scanning?
Discover Weaknesses Automatically
Vulnerability scanning is used to discover weaknesses in deployed security systems to improve or repair them before a breach occurs. A vulnerability scanner is a tool used to scan a target system for known holes, weaknesses, or vulnerabilities. Vulnerability scanners are designed to probe targets and produce a report of the findings.
Vulnerability Scanners
Vulnerability scanners are designed not to cause damage while they probe for weaknesses, but they can still inadvertently cause errors, slower network performance, and downtime. Thus, it’s important to plan their use and prepare for potential recovery actions.
Each time a vulnerability scanner is to be used; it should be updated from the vendor.A vulnerability scanner should be used on a regular periodic basis (such as weekly) to identify vulnerabilities, weaknesses, missing patches, and misconfigurations in all parts of a company network. Vulnerability testing authorization should be obtained before performing the security assessment.
The Common Vulnerabilities and Exposures database can be used as a repository; it has recorded over 145,000 specific vulnerabilities. This makes the task more than just a manual one; numerous software programs can be used to perform this function.
Results
The results of a vulnerability scan need to be interpreted by a knowledgeable security expert. Automated scanning tools can produce numerous false positives and false negatives. We will explore false positives and false negatives in the next article.
