CYBER SECURITY TERMINOLOGY EXPLAINED

What Is Vulnerability Scanning?

Vulnerability scanning is an automated set of network tests that are used to identify vulnerabilities. Typically performed by a technology specialist to pre-emptively identify weaknesses. Scans can be broadly categorised into:

(1) Internal scans – looking for vulnerabilities in your physical office network.
(2) External scans – typically examining your firewall for flaws.
(3) Web scans – identifying issues in the code and hardware off your website of login pages.
(4) Cloud scans – looking for poor configuration and vulnerability in your cloud-based services.

Of course, cybercriminals can also perform scans by trying to find points of entry into networks and cloud systems.

External scans are run from outside of the network, targeting any IT infrastructure that is exposed to the internet to highlight what an attacker might see. Internal scans are carried out from inside the network providing opportunity to harden it against insider threats or those that have already breached the perimeter.

The scanning process involves detecting security holes in network devices, software, communications equipment, and computers. Vulnerability scans can also predict how effective countermeasures are in case of a threat or attack.

Specialised scanning software runs the tests and uses databases to compare the system being scanned against known potential flaws and best practice recommended setups. After this, a report is compiled, and this can then be analysed to identify opportunities to improve the security of the system being scanned.

Regular vulnerability scans should run as part of a vulnerability management strategy to aid in the improvement of your business’ security posture. Not all scans are equal: cheap and free scans may give you a false sense of security. Once vulnerabilities have been closed, you should repeat scans to get confirmation.

CYBER SECURITY UPDATES

Sign up for the latest advice and information about keeping your business cyber secure.