Vulnerability Scanning is an automated test where software known as vulnerability scanners are used to look for systems, networks, and applications security vulnerabilities. These scanners use a database with known vulnerabilities to compare with the target that is being audited. The three most common vulnerability scanners are the network vulnerability scanner, web application vulnerability scanner and open-source vulnerability scanners.
Vulnerability Scanning is often confused with Penetration Testing, however, there are some important differences between the two.
There are a few reasons why your business should take advantage of vulnerability scanning:
It can be automated to run on a schedule, on-demand or in response to trigger events such as a new build of a software project or the deployment of a new server.
One thing that should be kept in mind is that vulnerability scans cannot be compared to manual processes such as penetration testing when it comes to the breadth and depth of test coverage.
The vulnerability scanner testing should be viewed as a cost-effective way of finding and managing common security issues.