Definition[edit | edit source]
A vulnerability scanner is a computer program that searches the Internet looking for computers that are vulnerable to a particular type of attack. The scanners have a large database of vulnerabilities that they use to probe computers in order to determine the vulnerable ones. Both commercial and free vulnerability scanners exist.
Overview[edit | edit source]
Vulnerability scanners can:
- Proactively identify vulnerabilities
- Provide a fast and easy way to measure exposure
- Automatically fix discovered vulnerabilities
- Identify out-of-date software versions
- Validate compliance with an organizational security policy
- Generate alerts and reports about identified vulnerabilities.
However, vulnerability scanners do have some weaknesses. Scanners: