// THREAT DETECTION AND DATA PRIVACY TERM

Vulnerability Scanning

Vulnerability scanning is an automated process of identifying security weaknesses or misconfigurations in computer systems, networks, and applications. It helps organizations find potential entry points attackers could exploit.

TECHNICAL DEFINITION

Vulnerability scanning is an automated cybersecurity process that uses specialized tools to systematically identify known security weaknesses, misconfigurations, and exploitable flaws across IT infrastructure, including networks, systems, and applications, informing risk assessments and compliance efforts.

BACKGROUND

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are used in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans. Modern scanners are typically available as SaaS ; provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.Authenticated scans allow for the scanner to directly access network based assets using remote administrative protocols such as secure shell (SSH) or remote desktop protocol (RDP) and authenticate using provided system credentials. This allows the vulnerability scanner to access low-level data, such as specific services and configuration details of the host operating system. It's then able to provide detailed and accurate information about the operating system and installed software, including configuration issues and missing security patches. Unauthenticated scans is a method that can result in a high number of false positives and is unable to provide detailed information about the asset's operating system and installed software. This method is typically used by threat actors or security analysts trying to determine the security posture of externally accessible assets.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • Security scanning
  • Vulnerability assessment
  • Weakness detection
  • Cyber scanning
  • Flaw identification

USAGE NOTE

It is regularly conducted to maintain an organization's security posture, identify exploitable flaws, and meet regulatory compliance requirements.

DEVELOPERS

Organizations developing technology related to Vulnerability Scanning.

  • Tenable

    A cybersecurity company known for its vulnerability management platform, Tenable.io, and its popular vulnerability scanner, Nessus.

  • Qualys

    Provides a cloud-based platform for vulnerability management, compliance, and web application security, including extensive vulnerability scanning capabilities.

  • Rapid7

    Offers a comprehensive vulnerability management solution, InsightVM, and is also known for Metasploit, a penetration testing framework that includes vulnerability identification.

  • Greenbone Networks

    The main developer behind the open-source Open Vulnerability Assessment System (OpenVAS) and provides commercial vulnerability management solutions based on it.

  • Invicti Security

    The parent company of Acunetix and Netsparker, specializing in web application security solutions that include advanced web vulnerability scanning.

  • Palo Alto Networks

    A global cybersecurity leader that integrates vulnerability assessment and management into its broader security platforms, including cloud security offerings.

  • Fortinet

    Provides a wide range of cybersecurity solutions, including FortiAnalyzer and FortiManager, which offer vulnerability assessment and management as part of their security fabric.

  • CrowdStrike

    Known for its cloud-native endpoint protection, CrowdStrike also offers Falcon Spotlight, providing continuous vulnerability management and IT hygiene from the endpoint.

RELATED TERMS IN DEFENSE & ARCHITECTURE