Q

Vulnerability scanners: The automation option

Automatic vulnerability scanners can help protect you applications from exploits. Expert Brad Arkin explains how these security tools work.

I've been hearing a lot about automatic vulnerability scanning and that it's good. But why is it so good, and how do the products work?

Automatic vulnerability scanning products help an organization quickly and proactively identify vulnerabilities in systems that could be exploited by attackers. The idea is to use these tools internally in an effort to fix the weaknesses in those systems before the attackers exploit those vulnerabilities. Because these tools are automated, they can be included in regression test suites or executed on a regular basis without drawing...

overworked people away from other responsibilities.

Each vulnerability scanning product works differently, depending on its goal. While some look at Windows registry entries to determine if the latest patches have been applied, others attempt to exploit specific vulnerabilities against a target machine. Typically, vulnerability scanners test against known vulnerabilities.

Keep in mind, as with most tools in the security industry, vulnerability scanners are available both commercially, and as open source free/shareware. This means your attackers have vulnerability scanners to use against you as well, so an internal process to quickly address identified vulnerabilities is imperative.

More on this
This was first published in November 2006

Dig deeper on Building security into the SDLC (Software development life cycle)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close