Vulnerability scanning is typiclly thought of as a
proactive or preventive activity and relates to incident and
forensics investigation --
- Vulnerability scanning is an automated process of
proactively identify application, network and security
vulnerability. and it is performed by IT department of the
organization and third party security service provider.
- The main type of vulnerability scanning include --
unix, linux, windows, on prem, offsite and onsite.
- And the network vulnerability scan include -- External
vulnerability scan
- Internal vulnerability scan
- Enivironmental scan
- Intrusive and non intrusive method.
- Scanning methods.
- Vulnerability scanning allows you to take a proactive
approach maintain strong security for the system, data, employees
and customers.
- The data breaches sometime results unpatched vulnerability so
it identify and eliminate security gaps and remove that
attack vector.
- Cyber criminals can access vulnerability scanning tools so it
is very important to carry out scans and take action before
hackers damaged security vulnerabilities.
- The cybersecurity has big demand of secure system for
example -- PCI, DSS, NIST, and HIPAA. all these emphasize
vulnerability scanning to protect sensitive data.
Vulnerability scanning can be used to enhance
information about events and assist in recovery --
- Nowdays cyberattacks are increasing day by day so it is very
important to understand events or organizational risks and
vulnerabilities and current threats and most effective policies and
technologies to address them.
- Vulnarability scanning can be used in enhancment of information
system about events and assist in recovery by understanding mission
critical process and underlying infrastructure and apply the
understanding to the result.
- The vulnerability assessment include three
phases at technical level. in first phase
- organizations need to gather information about hardware and
software present in their environment.
- This include network scanning to identify host, port
scanning to identify service and protocol that may be vulnerable
and collect DNS information to understand which host can
be targeted by attackers.
- The second phase is - Review and
enumeration of operating system, ports, protocol, and services
which is identified by the extent of the attack surface vulnerable
to attackers.
- For example -- SMB 3.1.1 vs SMB 2.0 and Windows 10 vs
windows XP.
- The Third pahse include detection and
reporting - this process generates reports, complete with
scores and risk information. and use the remediation
tools to patch, debug and configure to eliminate the
security risks.