Vulnerability Scanner

from Wikipedia, the free encyclopedia

Vulnerability scanners are computer programs that examine target systems for the existence of known security vulnerabilities.

The scanner uses databases with information on various security problems, such as:

  • Use or presence of insecure or unnecessary services
  • Exposed or insufficiently secured shares
  • Errors in the configuration or application of password and user policies
  • Open ports
  • Inadequate patch levels of computer programs and services

Vulnerability scanners can be used in two different ways:

Without authentication on the target system
The target system is examined for weak points only via the network (from outside). In this mode, detailed tests such as verification of the patch status of operating system components or components close to the operating system are not carried out.
With authentication on the target system
The scanner logs on to the target system with the credentials stored in the scanner for that system and can thus carry out an extended check.
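
The difference between the two modes, as an added example that is not part of the original article: the same constructed host is checked against a small constructed rule database, once without and once with credentials. All rule ids, package names, versions and the account are placeholder assumptions.

```python
# Constructed knowledge base: rule ids, package names and versions are placeholders.
RULES = [
    {"id": "EXAMPLE-0001", "needs": "open_ports",
     "title": "Insecure service exposed (telnet, port 23)",
     "hit": lambda ports: 23 in ports},
    {"id": "EXAMPLE-0002", "needs": "packages",
     "title": "examplelib below fixed version 2.4.1",
     "hit": lambda pkgs: "examplelib" in pkgs and version(pkgs["examplelib"]) < (2, 4, 1)},
    {"id": "EXAMPLE-0003", "needs": "policy",
     "title": "Minimum password length below 12",
     "hit": lambda pol: pol.get("min_password_length", 0) < 12},
]

# Constructed target: the real state of the host, most of it invisible from outside.
HOST = {
    "open_ports": {22, 23, 443},
    "scan_account": ("scanner", "constructed-secret"),
    "packages": {"examplelib": "2.3.9", "otherlib": "1.0.0"},
    "policy": {"min_password_length": 8},
}

def version(text):
    """Turn '2.3.9' into (2, 3, 9) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def collect_facts(host, credentials=None):
    """Network-visible facts are always available; local facts need a valid login."""
    facts = {"open_ports": host["open_ports"]}
    if credentials is not None and credentials == host["scan_account"]:
        facts["packages"] = host["packages"]
        facts["policy"] = host["policy"]
    return facts

def scan(host, credentials=None):
    """Return (findings, not_checked) as lists of rule ids."""
    facts = collect_facts(host, credentials)
    findings, not_checked = [], []
    for rule in RULES:
        if rule["needs"] not in facts:
            not_checked.append(rule["id"])  # no data: neither clean nor vulnerable
        elif rule["hit"](facts[rule["needs"]]):
            findings.append(rule["id"])
    return findings, not_checked

if __name__ == "__main__":
    for creds in (None, HOST["scan_account"]):
        mode = "authenticated" if creds else "unauthenticated"
        print(mode, scan(HOST, creds))
```

Reporting the rules that could not be evaluated separately keeps an unauthenticated result from being read as a clean patch and policy state.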

In contrast to port scanners, vulnerability scanners not only check the services reachable on the target system, and possibly their versions, for weaknesses; they also make it possible to check for weaknesses that actually exist in the operating system in use and the services offered.

In addition to scanners that perform a comprehensive check of a target system for weak points, there are a number of scanners that specialize in particular aspects. Particularly noteworthy in this context are web application scanners, whose test methods are optimized for applications that use web-based methods.

Due to their complexity, false positive detections cannot be completely ruled out with vulnerability scanners.
