Vulnerability Scanning
What is Vulnerability Scanning
- Vulnerability scanning is the process of discovering, analyzing, and reporting on security flaws and vulnerabilities. Vulnerability scans are conducted via automated vulnerability scanning tools to identify potential risk exposures and attack vectors across an organization’s networks, hardware, software, and systems.
- Vulnerability scanning has 2 major categories:
- North-South traffice: usually from queries and commands requesting data and the output data generated. Traffic entering a data center through a firewall or any other network device is southbound traffic, whereas traffic exiting the data center perimeter is northbound traffic.
- East-West Traffic; is the transfer of data packets from server to server within a data center
Type of Vulnerability Scanning
External Vulnerability Scans
These scans target the areas of your IT ecosystem that are exposed to the internet, or are otherwise not restricted to your internal users or systems. They can include websites, ports, services, networks, systems, and applications that need to be accessed by external users or customers.
Internal Vulnerability Scans
These scan and target your internal corporate network. They can identify vulnerabilities that leave you susceptible to damage once a cyberattacker or piece of malware makes it to the inside.
Environmental Scans
These scans are based on the environment that your technology operates in. Specialized scans are available for multiple different technology deployments, including cloud-based, IoT devices, mobile devices, websites, and more.
Intrusive Versus Non-Intrusive Scans
Non-intrusive scans simply identify a vulnerability and report on it so you can fix it. Intrusive scans attempt to exploit a vulnerability when it is found. This can highlight the likely risk and impact of a vulnerability, but may also disrupt your operational systems and processes, and cause issues for your employees and customers — so use intrusive scanning with caution.