Vulnerability Scanners

Security administrators are tasked with managing an unrelenting number of network vulnerabilities. These vulnerabilities occur in every level of the network, within operating systems, applications, even network devices such as routers and switches.

Vulnerability scanning can help you to secure your own network or it can be used by the bad guys to identify weaknesses in your system to mount an attack against. The idea is for you to use these tools to identify and fix these weaknesses before the bad guys use them against you.

The goal of running a vulnerability scanner is to identify devices on your network that are open to known vulnerabilities. Some may look for signs such as registry entries in Microsoft Windows operating systems to identify that a specific patch or update has been implemented. Others attempt to exploit the vulnerability on each target device rather than relying on registry information.

After performing an initial vulnerability scan you will need to implement a process for addressing the identified vulnerabilities. In most cases there will be patches or updates available to cure the problem. Sometimes though there may be operational or business reasons why you can't apply the patch in your environment or the vendor of your product may not yet have released an update or patch. In those cases you will need to consider alternative means to mitigate the threat.

It is a good practice to implement a schedule for periodic vulnerability scans to make sure nothing has been missed. ..

Products