Glossary

Vulnerability Scanning

Vulnerability scanning is a security process that uses specialized software to scan an organization’s network, systems, software, and other assets for potential vulnerabilities that could be exploited by hackers. Vulnerability scanning tools use a database of known flaws and test your security to see if your assets are at risk.

Terms related to Vulnerability Scanning: vulnerability, vulnerability management, vulnerability assessment, patching, threats, cybersecurity, penetration testing, zero-day vulnerability, buffer overflow, backdoor, exploit.

Vulnerability scanning allows a security team to run software that queries various aspects of your IT system to see if it’s vulnerable to hacking. The tool will then produce a list of potential vulnerabilities that you can maintain or patch. Some of the more sophisticated vulnerability scanning tools can even implement the fixes for you.

Vulnerability scanning is important for several reasons:

  • Hackers can also get access to these tools — you should carry out regular scans and patch vulnerabilities before they can be exploited.
  • Vulnerability scanning is proactive — it allows you to take steps to reduce your data breach risks now, rather than reacting to an attack.
  • Regulations and compliance mandate secure systems — guidelines and legislation like PCI DSS, HIPAA, and others require you to protect sensitive data.

Vulnerability scanning can be subdivided into different types of scans:

  • External vulnerability scans — scan the parts of your IT ecosystem that are exposed to the public internet.
  • Internal vulnerability scans — scan your internal network to identify potential issues if a hacker gets through your external security.
  • Environment vulnerability scans — specialized scanning for on-premises, hybrid, cloud-based, and other IT environments.
