Vulnerability Scan

from Wikipedia, the free encyclopedia

A vulnerability scan is the scanning of a computer or network by means of automated programs, as well as tools and manual methods.

Automated scan

The usual way to run an automated vulnerability scan is to start a tool that checks one or more targets for at least one security hole.

As with antivirus software, these scanners store information about known vulnerabilities in operating systems and/or application software. This is often implemented in the form of plug-ins. Each plug-in represents a known vulnerability and can be selected by the user. Like a virus scanner, a vulnerability scanner can never be fully up to date, because it has to be updated continually.
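The plug-in model described above, as an added example that is not taken from the article or from any real scanner: each plug-in encodes one known weakness, the user selects which plug-ins run, and anything without a selected plug-in goes unreported. The host names, the `exampled` service, the inventory records and the `EXAMPLE-…` identifiers are constructed placeholders.

```python
from dataclasses import dataclass
from typing import Callable

# Constructed inventory: what a scanner might have collected from two hosts.
INVENTORY = [
    {"host": "app01.example", "service": "exampled", "version": (2, 3, 1), "tls_min": "1.0"},
    {"host": "db01.example", "service": "exampled", "version": (2, 4, 0), "tls_min": "1.2"},
]

@dataclass(frozen=True)
class Plugin:
    plugin_id: str                 # placeholder identifier, not a real advisory number
    title: str
    check: Callable[[dict], bool]  # True when the host record is affected

PLUGINS = {}

def register(plugin_id, title):
    """Decorator that adds one check to the plug-in database."""
    def wrap(fn):
        PLUGINS[plugin_id] = Plugin(plugin_id, title, fn)
        return fn
    return wrap

@register("EXAMPLE-0001", "exampled older than 2.4.0")
def _old_exampled(rec):
    return rec["service"] == "exampled" and rec["version"] < (2, 4, 0)

@register("EXAMPLE-0002", "TLS below 1.2 accepted")
def _weak_tls(rec):
    return tuple(int(p) for p in rec["tls_min"].split(".")) < (1, 2)

def scan(inventory, selected):
    """Run only the selected plug-ins; return sorted (host, plugin_id) findings."""
    unknown = set(selected) - PLUGINS.keys()
    if unknown:
        raise KeyError(f"unknown plug-ins: {sorted(unknown)}")
    return sorted((rec["host"], pid) for rec in inventory
                  for pid in selected if PLUGINS[pid].check(rec))

if __name__ == "__main__":
    print(scan(INVENTORY, ["EXAMPLE-0001", "EXAMPLE-0002"]))
    print(scan(INVENTORY, ["EXAMPLE-0001"]))  # weak TLS goes unreported
```

The second call shows why an incomplete or outdated plug-in set yields a clean-looking report for a host that is still affected.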

Due to the weaknesses of individual programs, it is advisable to use several programs for a security check if possible.

Manual methods

Because of the inherent limitations of vulnerability scans, manual methods are also used. These include non-automated vulnerability checks, manual checks of web applications (e.g. SQL injection, cross-site scripting) and much more. Manual methods strengthen the validity and depth of the tests.