The IT Law Wiki

Vulnerability scanning

32,077pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Vulnerability scanning

identifies hosts and host attributes (e.g., operating systems, applications, open ports), [and] also attempts to identify vulnerabilities rather than relying on human interpretation of the scanning results. Vulnerability scanning can help identify outdated software versions, missing patches, and misconfigurations, and validate compliance with or deviations from an organization's security policy. This is done by identifying the operating systems and major software applications running on the hosts and matching them with information on known vulnerabilities stored in the scanners' vulnerability databases.[1]

References Edit

  1. NIST Special Publication 800-115, at 4-4.

Also on Fandom

Random Wiki