Vulnerability Scan
A vulnerability scan is the scanning of a computer network by means of automated programs, tools and manual methods.
Automated scan
The usual way to run an automated vulnerability scan is to start a tool that scans one or more targets for at least one security hole.
Analogous to antivirus software, these scanners store information about known weak points in operating systems and/or application software. This is often implemented in the form of plug-ins. Each plug-in represents a known vulnerability and can be selected by the user. Like a virus scanner, a vulnerability scanner can never be fully up to date, because it always has to be updated.
Due to the weaknesses of individual programs, it is advisable to use several programs for a security check if possible.
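The plug-in model described above, as an added sketch that is not taken from any real scanner: each plug-in stands for one known vulnerability, the user can select which ones run, and an outdated plug-in set silently misses findings. All product names, versions, plug-in IDs and hosts are constructed, and the version-comparison rule is an assumption made for illustration.

```python
from dataclasses import dataclass

def parse_version(text):
    """Turn '2.4.9' into (2, 4, 9) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

@dataclass(frozen=True)
class Plugin:
    """One plug-in = one known vulnerability (IDs and versions are constructed)."""
    plugin_id: str
    product: str
    fixed_in: tuple  # first version that is no longer affected

    def check(self, host):
        installed = host["software"].get(self.product)
        if installed is not None and parse_version(installed) < self.fixed_in:
            return f"{host['name']}: {self.product} {installed} matches {self.plugin_id}"
        return None

# Constructed plug-in feed: placeholder IDs, hypothetical products.
PLUGINS = {
    "EXAMPLE-0001": Plugin("EXAMPLE-0001", "examplehttpd", (2, 4, 10)),
    "EXAMPLE-0002": Plugin("EXAMPLE-0002", "exampledb", (5, 1, 0)),
    "EXAMPLE-0003": Plugin("EXAMPLE-0003", "examplessh", (8, 0, 0)),
}

# Constructed software inventory standing in for the scan targets.
INVENTORY = [
    {"name": "web01", "software": {"examplehttpd": "2.4.9", "examplessh": "7.9.1"}},
    {"name": "db01", "software": {"exampledb": "5.1.0", "examplessh": "8.2.0"}},
]

def scan(hosts, plugins, selected=None):
    """Run the selected plug-ins (default: all of them) against every host."""
    ids = sorted(plugins) if selected is None else list(selected)
    unknown = [pid for pid in ids if pid not in plugins]
    if unknown:
        raise KeyError(f"unknown plug-in(s): {unknown}")
    findings = []
    for host in hosts:
        for pid in ids:
            result = plugins[pid].check(host)
            if result:
                findings.append(result)
    return findings

if __name__ == "__main__":
    stale = {k: v for k, v in PLUGINS.items() if k != "EXAMPLE-0003"}
    print("current feed:", scan(INVENTORY, PLUGINS))
    print("stale feed:  ", scan(INVENTORY, stale))  # the examplessh finding is missed
```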
Manual methods
Because of the inherent limitations of vulnerability scans, manual methods are also taken into account. These include non-automated vulnerability checks, manual checks of web applications (e.g. SQL injection, cross-site scripting) and much more. Manual methods lastingly strengthen the validity and depth of the tests.