Vulnerability scanning: what it is and how it works

Identifying cyber security vulnerabilities in your websites, applications and infrastructure.

What is vulnerability scanning?

A vulnerability scan is an assessment of the potential security vulnerabilities in computers, networks and communications equipment that can be exploited by cyber criminals.

It is an automated service that scans external infrastructure targets (IP addresses) for common types of network vulnerabilities and misconfigurations. and helps promptly identify security weaknesses that need to be resolved.

How does vulnerability scanning work?

Vulnerability scanning tools use reference databases of known flaws, coding bugs, anomalies, configuration errors and potential routes into corporate networks that can be exploited by attackers. These databases are updated continually.

Why are vulnerability scans important?

Vulnerabilities are common. New ones are discovered constantly or can be introduced as a result of system changes.

Criminal hackers use automated attacks to attempt to exploit known vulnerabilities and gain access to unsecured systems, networks or data.

These attacks are cheap, easy to run and indiscriminate, so every Internet-facing organisation is at risk.

All it takes is one vulnerability for an attacker to access your network.

This is why applying patches to fix these security vulnerabilities is essential: if you don’t update your software, firmware and operating systems to the latest versions as they are released, the vulnerabilities in your systems will remain exploitable and your organisation exposed.

Worse than this is the fact that the vast majority of intrusions are not discovered until it is far too late – usually months after the organisation has been breached.

Vulnerability scans can also help to routinely audit IP address ranges to see if unauthorised services are being exposed or whether redundant IP addresses are being used.

What does a vulnerability scan test?

Automated vulnerability scanning tools scan for open ports and detect common services running on those ports.

It identifies if there are configuration issues or vulnerabilities on those services, and looks at whether best practice is being followed, such as the use of TLSv1.2 or higher and strong ciphers.

A vulnerability scanning report is then generated to highlight the items that have been identified.

By interpreting these findings, an organisation can improve its security posture.

Scanned by IT Governance stamp

Scanned By IT Governance

IT Governance delivers fast and fully automated external vulnerability scans of an organisation’s Internet-facing IT assets in accordance with best practice.

Find out more about how our Vulnerability Scan service can help secure your organisation

Who conducts vulnerability scans?

IT departments usually undertake vulnerability scanning if they have the expertise and software to do so, or they can call on a third-party security service provider like IT Governance.

IT Governance’s scans are conducted on targets that the client has the necessary permissions to have scanned, and users of the service are required to confirm that they have those permissions.

Vulnerability scans are also performed by attackers who randomly scour the Internet trying to find points of entry into systems and networks.

How often should you conduct a vulnerability scan?

Vulnerability scans need to be conducted regularly to ensure that new vulnerabilities are identified as soon as they become common knowledge and that the appropriate remedial actions are taken, such as applying the necessary patches to fix software vulnerabilities.

Frequent security scanning can show where exposed services are unpatched and vulnerable to exploitation, allowing IT to either patch them or take other remedial actions fast.

You should have a vulnerability management programme. This should include scanning (at least monthly), and annual penetration testing, as well as when you make changes to your systems.

This will help identify your security weaknesses and the extent to which you are open to attack.

What’s the difference between vulnerability scanning and penetration testing?

Vulnerability scanning is an automated process that identifies your cyber security weaknesses.

Penetration testing goes one step further. It involves professional ethical hackers combining the results of automated scans with their expertise to reveal vulnerabilities that may not be identified by scans alone.

By mimicking the techniques used by criminals and other threat actors, they can determine the extent to which your organisation is vulnerable to attack.

Vulnerability scanning and remote working

Identifying and mitigating security vulnerabilities is especially important when staff work from home.

For instance, when you connect to the Internet via a home network, security features that you usually take for granted in the office, such as filtering, firewalls and encryption, might not be available.

And when staff use their own equipment (known as BYOD or ‘bring your own device’) to connect to the corporate network, you will have less control over the configuration of their security settings.

It is also essential to keep your VPN (virtual private network) software up to date to ensure staff have secure remote access to corporate systems.

Can a vulnerability scan help identify vulnerabilities on my website?

Vulnerability scans are not a suitable service for website vulnerability assessments. Although it will examine the hosting infrastructure for common misconfigurations, it will not detect web application vulnerabilities or business logic issues that an attacker may exploit.

Instead, a specific web application penetration test should be conducted by a skilled ethical hacker who is experienced in web applications. These tests should be performed on a regular basis and after changes to the applications have taken place.

Web application penetration tests will detect if a web server and vulnerable applications have been exposed to the Internet, but may not identify other flaws such as URL manipulation that expose the application’s data or users.

Is a vulnerability scan suitable for industrial control systems?

No, vulnerability scans are not suitable for complex production environments where there is external access to industrial control systems or telecommunications equipment. This is due to the specialised nature of such production environments and the need for the correct tools and appropriately skilled ethical hackers. This type of environment will require a manually controlled penetration test.

Vulnerability Scan service

IT Governance’s Vulnerability Scanning service

With a monthly subscription to our Vulnerability Scanning service, you can

  • Scan for thousands of vulnerabilities, helping you see exactly what criminal hackers can see;
  • Receive a detailed report that gives you a breakdown of all your weak spots that need attention;
  • Act quickly to fix your security weaknesses before criminal hackers find and exploit them; and
  • Run and rerun scans as often as you like within a month.

Find out more about how our Vulnerability Scanning service can help secure your organisation

This website uses cookies. View our cookie policy