Vulnerability scanning

What does vulnerability scanning do?

Vulnerability scanning is the process of scanning software and systems for known vulnerabilities. A vulnerability scanner will maintain and refer to a massive database of known vulnerabilities in order to compare and classify anything it finds. Vulnerability scanners work by scanning for known entry points (A field on a form on a webpage for instance) and testing what would happen if known exploit code were sent to it. Another way to look at it is like a conversation, where the scanner ‘talks’ to the software and then measures its response against known responses of vulnerable systems.

How do you perform a vulnerability scan?

A vulnerability scan is performed by a piece of software that resides either on a system inside the network, or more often on a cloud service. Modern scanners are very powerful and have a lot of automation built-in, so for a basic scan you can just point it to the right place and set it to run automatically at regular intervals.

How often should you run a vulnerability scan?

This really depends on how big and how important the target is. For a small business that provides simple services externally you could assume a minimum of twice a year to be a reasonable number, but for businesses with critical data or online services, once a month or even more would be more sensible.

How long does a vulnerability scan take?

Depending on the size and complexity of the target a scan can take anything from a few minutes to a few days.

Why do I need vulnerability scanning?

Apart from your legal obligations, vulnerability scanning is the best way to make sure that you find vulnerabilities before a hacker does. Hundreds of thousands, if not millions of hackers operate globally, constantly testing systems for vulnerabilities. In this game of cat and mouse it is our job to make sure that we find vulnerabilities before they do so that we can fix them.

What are the types of vulnerability scans?

The two major types of vulnerability scans are standard and authenticated. With a standard scan the scanner works on the system as if it were an outsider, not having any knowledge of or access to the underlying system. This is the most common type of scan. With an authenticated scan the scanner is given credentials that enable it to automatically log on as a user and access all of the functions not available to an outsider. This is a more thorough type of scan, but is riskier and takes longer.

How much does a vulnerability scan cost?

Vulnerability scanners are usually licenced annually dependent on the number of sites. Prices generally start from around £2,500 and can run into many hundreds of thousands.

Vulnerability scanning

Vulnerability scanning


Last updated:

Author tgadmin