What is Vulnerability Scanning?
Vulnerability scanning is the use of software tools to identify and report on security issues (known as vulnerabilities) that affect your systems. A vulnerability scanner is a highly specialised software tool that searches for security vulnerabilities. Vulnerability scanners collect information from computers, devices and applications on your network and compares it to a database of known cyber security flaws.
Armed with this knowledge, you can take action to remediate the security weaknesses discovered. This overall ongoing process of identifying and fixing your weaknesses is known as Vulnerability Management.
Why Vulnerability Scans Are Important
When security vulnerabilities are discovered, software developers release those fixes as software updates. Old and outdated software that has not been updated is therefore vulnerable to hackers and cyber criminals.
It’s important to note that patches don’t necessarily fix system misconfigurations, so a system that was deployed in a misconfigured state could potentially remain vulnerable even if it is patched regularly.
It it near impossible for a system administrator to perfectly configure all of their services and to instantaneously install all required patches as soon as they’re released. This is a huge burden of responsibility that many system administrators must bear!
Vulnerability scans identify missing patches, and allows IT personnel to apply missing security updates to your systems.
Vulnerability scanning also identifies secure misconfigurations allowing your administrators to reconfigure your systems.
Whilst vulnerability scanning is a fantastic tool to protect your network, they are also one of the key tools in the arsenal of cyber criminals, who use them to identify ways to gain unauthorized access to networks.
Failing to proactively scan your environment and address vulnerabilities could present adversaries with the opportunity they need to conduct attacks against your system’s vulnerabilities.
Will Vulnerability Scanning Replace Manual Testing
Automated vulnerability scanning cannot compare to manual processes such as Penetration Testing when it comes to the breadth and depth of test coverage. However, automated scanning should be viewed as a cost-effective way of finding and managing common security issues, without needing to employ specialist security testers.
Vulnerability scanning does rectify the ‘low hanging fruit’ and allows penetration testing engagements to more efficiently focus on complicated security issues that are better suited to a human.
The Key Sigma Vulnerability Scanning Service
The Key sigma vulnerability service comprises of Key Sigma consultants connecting to and scanning your networks using commercial vulnerability scanners.
The Key Sigma vulnerability scanners check your network against an up to date library of thousands of potential vulnerabilities, the same vulnerabilities that cyber criminals search for and exploit.
We understand that the results a vulnerability scan are often difficult for people without a cyber security background to understand. It is for this reason that the results of the Key Sigma vulnerability assessments are presented in easy to read reports that:
• Order the discovered vulnerabilities by their severity, allowing you to direct your corrective efforts to the most critical vulnerabilities identified.
• Contain a detailed description on how to correct for each of the vulnerabilities identified, guiding your IT personnel to the required corrective actions.
The frequency of your vulnerability scanning should commensurate with the risks of your system and crucially, the availability of your IT personnel to correct the issues identified.
Many medium to large organisations perform scans on a monthly or bi monthly basis.
Key Sigma consultants will work with you to identify the appropriate vulnerability scanning frequency. Please schedule a free consultation with a Key Sigma technical expert to find out more!.
Our Other Services
Developed by the National Cyber Security Centre (NCSC), Cyber Essentials is widely considered to be the best first step to protect organisations from the most common cyber security attacks. It is designed to help organisations of any size demonstrate their commitment to cyber security – while keeping the approach simple and the costs low.