Used to identify weak points inside and on the perimeter of a network, a vulnerability scan identifies hosts and their attributes and these potential attack spots. As a network wants to be strong against outside and internal threats, running a vulnerability scan assists with finding outdated software, missing patches, and incorrect configurations and verifies a company's industry best practices compliance. Additionally, a scan finds targets for a penetration test and provides information for reducing any found vulnerabilities.
Internal and external scans are two options for this procedure. An internal vulnerability scan typically finds more weak points, and an external scan may encounter perimeter security issues. This may include limited access to scan ports only authorized to pass traffic. For the scan to get past the firewall, the administrator of the network may need to enable port forwarding, or the network configuration needs to permit traffic from test system IP addresses.
A local, or internal, vulnerability scan is run in house. Each host requiring scanning has a scanner installed. The scan identifies network- and locally-exploitable vulnerabilities and, as it goes inside the firewall, provides a higher level of detail.
Vulnerability scan reports list and detail these weak areas. Lower-threat vulnerabilities, however, may be grouped together, and while one on its own poses a small risk, a group of them can become a higher network risk.
Internal and external vulnerability scans are two services Robrige offers, and companies needing security upkeep and to meet industry best practices standards should regularly have these procedures completed. An internal vulnerability scan – one done in house for your business – examines every device, IP address by IP address, to identify the operating system, firmware, service packs, and patches. An external vulnerability scan is conducted from Robrige's office and studies the perimeter of your system for security and firewall configurations. Such a scan determines the possibility of outside threats and simulates attacks for bypassing or penetrating the system.