Vulnerability Scanning

Vulnerability scanning defines, identifies, and classifies the security holes (vulnerabilities) in a computer, server, network, or communications infrastructure.

A vulnerability scanner relies on a database that contains all the information required to check a system for security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts. The attacker tries to exploit each vulnerability that is discovered. This process is called ethical hacking.

A vulnerability scanner has

  • Maintenance of an up-to-date database of vulnerabilities.
  • Detection of genuine vulnerabilities without an excessive number of false positives.
  • Ability to conduct multiple scans simultaneously.
  • Ability to perform trend analyses and provide clear reports of the results.
  • Recommendations for countermeasures to eliminate discovered vulnerabilities.