Vulnerability scanner: Difference between revisions

Latest revision as of 11:15, 7 September 2025

Template:Short descriptionA vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are used in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans. Modern scanners are typically available as SaaS (Software as a Service); provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.

Authenticated scans allow for the scanner to directly access network based assets using remote administrative protocols such as secure shell (SSH) or remote desktop protocol (RDP) and authenticate using provided system credentials. This allows the vulnerability scanner to access low-level data, such as specific services and configuration details of the host operating system. It's then able to provide detailed and accurate information about the operating system and installed software, including configuration issues and missing security patches.^[1]
Unauthenticated scans is a method that can result in a high number of false positives and is unable to provide detailed information about the assets operating system and installed software. This method is typically used by threat actors or security analyst trying determine the security posture of externally accessible assets.^[1]

Vulnerability scanners should be able to detect the risks in open-source dependencies. However, since developers will usually re-bundle the OSS, the same code will appear in different dependencies, which will then impact the performance and ability of scanners to detect the vulnerable OSS.^[2]

The CIS Critical Security Controls for Effective Cyber Defense designates continuous vulnerability scanning as a critical control for effective cyber defense.

Part of a server log, showing attempts by a scanner to find the administration page.

220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/db/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/myadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/webadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/dbweb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/websql/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/webdb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/dbadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/db-admin/main.php HTTP/1.0" 404 - "-" "-"
 (..)

Script error: No such module "Check for unknown parameters".

References

↑ ^a ^b Script error: No such module "citation/CS1".
↑ Script error: No such module "Citation/CS1".

Script error: No such module "Check for unknown parameters".

External links

Web Application [need link to legit site, old site was hoax]

National Institute of Standards and Technology (NIST) Publication of their Security Content Automation Protocol (SCAP) outline.

Template:Asbox

Template:Information security

[:0-1] Script error: No such module "citation/CS1".

[2] Script error: No such module "Citation/CS1".

[1]

[2]

@@ Line 1: / Line 1: @@
-{{Short description|Probes computer systems for known security problems}}
+{{Short description|Probes computer systems for known security problems}}A '''vulnerability scanner''' is a [[computer program]] designed to assess [[Computer|computers]], [[Computer network|networks]] or [[Application software|applications]] for known weaknesses.  These scanners are used to discover the weaknesses of a given system. They are used in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans.  Modern scanners are typically available as SaaS ([[Software as a service|Software as a Service]]); provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.
-{{Expand French|Scanner de vulnérabilité|date=June 2020}}
-A '''vulnerability scanner''' is a [[computer program]] designed to assess [[Computer|computers]], [[Computer network|networks]] or [[Application software|applications]] for known weaknesses.  These scanners are used to discover the weaknesses of a given system. They are used in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans.  Modern scanners are typically available as SaaS ([[Software as a service|Software as a Service]]); provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.
 * '''Authenticated scans''' allow for the scanner to directly access network based assets using remote administrative protocols such as [[Secure Shell|secure shell]] (SSH) or [[Remote Desktop Protocol|remote desktop protocol]] (RDP) and authenticate using provided system credentials. This allows the vulnerability scanner to access low-level data, such as specific services and configuration details of the host operating system. It's then able to provide detailed and accurate information about the operating system and installed software, including configuration issues and missing security patches.<ref name=":0">{{Cite web|url=http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf|title=Technical Guide to Information Security Testing and Assessment|last=National Institute of Standards and Technology|date=September 2008|website=NIST|language=en|access-date=2017-10-05|archive-date=2021-10-27|archive-url=https://web.archive.org/web/20211027092913/https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf|url-status=live}}</ref>
 * '''Unauthenticated scans''' is a method that can result in a high number of false positives and is unable to provide detailed information about the assets operating system and installed software. This method is typically used by threat actors or security analyst trying determine the security posture of externally accessible assets.<ref name=":0" />
-Vulnerability scanners should be able to detect the risks in open-source dependencies. However, since developers will usually re-bundle the OSS, the same code will appear in different dependencies, which will then impact the performance and ability of scanners to detect the vulnerable OSS.<ref>{{Cite journal |last1=Dann |first1=Andreas |last2=Plate |first2=Henrik |last3=Hermann |first3=Ben |last4=Ponta |first4=Serena Elisa |last5=Bodden |first5=Eric |date=2022-09-01 |title=Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite |url=https://ieeexplore.ieee.org/document/9506931 |journal=IEEE Transactions on Software Engineering |volume=48 |issue=9 |pages=3613–3625 |doi=10.1109/TSE.2021.3101739 |s2cid=238808679 |issn=0098-5589 |access-date=2023-11-10 |archive-date=2024-06-06 |archive-url=https://web.archive.org/web/20240606045547/https://ieeexplore.ieee.org/document/9506931 |url-status=live |url-access=subscription }}</ref>
+Vulnerability scanners should be able to detect the risks in open-source dependencies. However, since developers will usually re-bundle the OSS, the same code will appear in different dependencies, which will then impact the performance and ability of scanners to detect the vulnerable OSS.<ref>{{Cite journal |last1=Dann |first1=Andreas |last2=Plate |first2=Henrik |last3=Hermann |first3=Ben |last4=Ponta |first4=Serena Elisa |last5=Bodden |first5=Eric |date=2022-09-01 |title=Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite |journal=IEEE Transactions on Software Engineering |volume=48 |issue=9 |pages=3613–3625 |doi=10.1109/TSE.2021.3101739 |bibcode=2022ITSEn..48.3613D |s2cid=238808679 |issn=0098-5589 }}</ref>
 The [[Center for Internet Security|CIS Critical Security Controls for Effective Cyber Defense]] designates continuous vulnerability scanning as a critical control for effective cyber defense.
@@ Line 40: / Line 37: @@
 *: ◦ [[Metasploit Project]]
 *: ◦ [[Snort (software)|Snort]]
+*: ◦ [[garak (software)|garak]]
 ==References==

Vulnerability scanner: Difference between revisions

Latest revision as of 11:15, 7 September 2025

See also

References

External links

Navigation menu

Vulnerability scanner: Difference between revisions

Latest revision as of 11:15, 7 September 2025

See also

References

External links

Navigation menu

Search