What is a vulnerability check?
A Vulnerability Scanner is software that detects vulnerabilities within a network, system, or application. This is a simple definition of a not so easy process.
For most organizations that have a good understanding of your assets along with regular vulnerability, scanning is the best bang for the money in getting your security under control. Once you know where the vulnerabilities are, consider the risk and work to mitigate (a fancy way of saying reducing the assessed risk). With the high budget cybersecurity costs, the humble vulnerability scanner can be transferred to more sexy expressions like threat intelligence, red teams, security analysis, threat hunting and even penetration testing. All of these technologies and processes can take place within your security strategy, but without understanding your exposure to vulnerability, these can be a distraction. "Continuously acquire, evaluate and take action on new information to identify vulnerabilities, remedy and minimize the window for attackers." – Center for Internet Security Control 4: Continuous vulnerability assessment and remediation
the assessment cycle
A vulnerability scanner is the tool that enables the vulnerability assessment process. There is no start and end to the security assessment process, it is a continuous effort.
New vulnerabilities are detected daily in software and network changes. These two facts make the need for a continuous process crucial.
Vulnerability Assessment Cycle
Know Your Network Hosted Open Source Vulnerability Scanners TEST ALT Types of Vulnerability Scanner Due to the wide range of vulnerabilities to be assessed, there are a variety of tools for performing different types of tests.
What can a vulnerability scanner record?
- Known software issues (software without software or supported software)
- Uncertain network and system configuration (poor standard security or simple user failure) •
- Standard or weak passwords (a top access vector for the attackers)
- Vulnerabilities in Web Programming, such as SQL Injection (SQLi) and Cross Site Scripting (XSS)
- Information leaks (revealing too much configuration or other information may open doors to the attackers)
- With the wide range of vulnerabilities, there are a number of tools that can be used to detect these different vulnerabilities.
Web vulnerability scanners
Web application scanning involves searching for unsecure code that introduces vulnerabilities like those from OWASP Top 10. These vulnerabilities such as SQL Injection and Cross Site Script are not always in packaged software. Apart from commercial applications, these types of vulnerabilities can also be found in open source software and internally developed applications. These types of scanners range from capturing proxies as the popular Burp Suite to the focused SQLmap, a highly accurate SQL Injection test tool. Enterprise-level tools like IBM Appscan also exist that spider application searches for vulnerabilities. These tools are often used internally by major web application development teams as part of the secure software development lifecycle (SDLC). Network Vulnerability Scanners A network vulnerability scanner can go very wide, but will not necessarily go into all types of vulnerabilities. With these types of scanners you can have a database with over 50,000 known vulnerabilities. These will attempt to detect old server versions that have known vulnerabilities, check for standard information and scan for known scripts. A good example of a network vulnerability scanner is OpenVorks OpenVAS system. We use this open source tool in our suite of hosted online vulnerability scanners. Other well-known examples include the commercial Nessus, NexPose from Rapid7 and Retina tools. Another example of a network vulnerability scanner is Nmap Port Scanner. This tool does not go so far in its detection, but it is more targeted mapping open ports (services) across a network. An open port that should not be available can still be a vulnerability. Running a network vulnerability scanner from your network is a good way to understand how well system administration is implemented within your organization. Ideally, these types of internal scans are performed using the so-called credentialed scan, ie. that the scanner has valid credentials and can log on to the systems it is testing to accurately assess whether known vulnerabilities in the software and the operating system have been patched. External vulnerability scans are often performed offline
Contact us today and receive an offer tomorrow!