Problem solve Get help with specific problems with your technologies, process and projects.

Vulnerability scanners: The automation option

Automatic vulnerability scanners can help protect you applications from exploits. Expert Brad Arkin explains how these security tools work.

I've been hearing a lot about automatic vulnerability scanning and that it's good. But why is it so good, and how do the products work?

Automatic vulnerability scanning products help an organization quickly and proactively identify vulnerabilities in systems that could be exploited by attackers. The idea is to use these tools internally in an effort to fix the weaknesses in those systems before the attackers exploit those vulnerabilities. Because these tools are automated, they can be included in regression test suites or executed on a regular basis without drawing overworked people away from other responsibilities.

Each vulnerability scanning product works differently, depending on its goal. While some look at Windows registry entries to determine if the latest patches have been applied, others attempt to exploit specific vulnerabilities against a target machine. Typically, vulnerability scanners test against known vulnerabilities.

Keep in mind, as with most tools in the security industry, vulnerability scanners are available both commercially, and as open source free/shareware. This means your attackers have vulnerability scanners to use against you as well, so an internal process to quickly address identified vulnerabilities is imperative.

More on this

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.