This paper is being furnished to provide the CIO with a technology evaluation of vulnerability scanning. The information provided will ensure that the CIO has the required information to make the best decision regarding this technology. This paper provides a brief understanding of vulnerability scanning, its many forms, the types of scanners available, the advantages and disadvantages, and the costs involved.
Vulnerability scanning is an automated process that is conducted by an organization’s IT staff to identify any vulnerability that their information systems might possess and is used to help “secure your own network” (Bradley). It is also used by hackers that are conducting reconnaissance on an organization’s network to find any vulnerability that they might exploit. These next few pages will provide information on vulnerabilities, the many different forms of vulnerability scanning, the different types, pros and cons, and costs.
Vulnerabilities occur when flawed code or misconfigured hardware is present on a network. This is why it is important for an organization to have an effective vulnerability assessment plan that includes regular scans of the network and annual penetration tests. These scans are very important to prevent hackers from “utilizing these flaws to gain access to your machines” (Houghton, 2003). An excellent source of information to get “summaries, technical details, remediation information, and lists of affected vendors” (US-CERT) is the Vulnerability Notes Database. Please view Appendix B for current threats.
What Are The Forms of Vulnerability Scanning?
Just like any other security tool or software available, there are many different forms of vulnerability scanning. Each of these methods serves a specific purpose in helping an organization determine the security of its networks.
According to Secure State, an external vulnerability scan gives the organization an overall picture of any vulnerability that is present on an external network. This is used to help protect the organization’s information systems from attacks that utilize their “publicly accessible systems” (NWN Corporation). These information systems are the most susceptible to attack because of their connection to the World Wide Web (WWW). This means that it is important that a vulnerability scan be conducted regularly to ensure a secure system (Appendix A).
According to NWN Corporation, an internal vulnerability scan is designed to identify any vulnerability that an organization might have within its internal network. These types of vulnerabilities are usually susceptible to attacks from within an organization’s network, by either employees or any other individual that has access to the internal network.
Active vulnerability scanners send active signals throughout the network and evaluate the responses that were received. These responses will help to identify any...