Vulnerability scanner

You can help expand this article with text translated from the corresponding article in French. (June 2020) Click [show] for important translation instructions.

View a machine-translated version of the French article.
Machine translation, like DeepL or Google Translate, is a useful starting point for translations, but translators must revise errors as necessary and confirm that the translation is accurate, rather than simply copy-pasting machine-translated text into the English Wikipedia.
Consider adding a topic to this template: there are already 6,101 articles in the main category, and specifying|topic= will aid in categorization.
Do not translate text that appears unreliable or low-quality. If possible, verify the text with references provided in the foreign-language article.
You must provide copyright attribution in the edit summary accompanying your translation by providing an interlanguage link to the source of your translation. A model attribution edit summary is Content in this edit is translated from the existing French Wikipedia article at [[:fr:Scanner de vulnérabilité]]; see its history for attribution.
You should also add the template {{Translated|fr|Scanner de vulnérabilité}} to the talk page.
For more guidance, see Wikipedia:Translation.

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are utilized in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc. Modern vulnerability scanners allow for both authenticated and unauthenticated scans. Modern scanners are typically available as SaaS (Software as a Service); provided over the internet and delivered as a web application. The modern vulnerability scanner often has the ability to customize vulnerability reports as well as the installed software, open ports, certificates and other host information that can be queried as part of its workflow.

Authenticated scans allow for the scanner to directly access network based assets using remote administrative protocols such as secure shell (SSH) or remote desktop protocol (RDP) and authenticate using provided system credentials. This allows the vulnerability scanner to access low-level data, such as specific services and configuration details of the host operating system. It's then able to provide detailed and accurate information about the operating system and installed software, including configuration issues and missing security patches.^[1]
Unauthenticated scans is a method that can result in a high number of false positives and is unable to provide detailed information about the assets operating system and installed software. This method is typically used by threat actors or security analyst trying determine the security posture of externally accessible assets.^[1]

Vulnerability scanners should be able to detect the risks in open-source dependencies. However, since developers will usually re-bundle the OSS, the same code will appear in different dependencies, which will then impact the performance and ability of scanners to detect the vulnerable OSS.^[2]

The CIS Critical Security Controls for Effective Cyber Defense designates continuous vulnerability scanning as a critical control for effective cyber defense.

Part of a server log, showing attempts by a scanner to find the administration page.

220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/db/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:09 +0200] "GET /db/myadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/webadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:10 +0200] "GET /db/dbweb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/websql/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:11 +0200] "GET /db/webdb/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/dbadmin/main.php HTTP/1.0" 404 - "-" "-"
220.128.235.XXX - - [26/Aug/2010:03:00:13 +0200] "GET /db/db-admin/main.php HTTP/1.0" 404 - "-" "-"
 (..)

References

^ ^a ^b National Institute of Standards and Technology (September 2008). "Technical Guide to Information Security Testing and Assessment" (PDF). NIST. Retrieved 2017-10-05.
^ Dann, Andreas; Plate, Henrik; Hermann, Ben; Ponta, Serena Elisa; Bodden, Eric (2022-09-01). "Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite". IEEE Transactions on Software Engineering. 48 (9): 3613–3625. doi:10.1109/TSE.2021.3101739. ISSN 0098-5589. S2CID 238808679.

External links

Web Application [need link to legit site, old site was hoax]

National Institute of Standards and Technology (NIST) Publication of their Security Content Automation Protocol (SCAP) outline.

v t e Information security
Related security categories	Computer security Automotive security Cybercrime Cybersex trafficking Computer fraud Cybergeddon Cyberterrorism Cyberwarfare Electromagnetic warfare Information warfare Internet security Mobile security Network security Copy protection Digital rights management	vectorial version
Threats	Adware Advanced persistent threat Arbitrary code execution Backdoors Hardware backdoors Code injection Crimeware Cross-site scripting Cross-site leaks DOM clobbering History sniffing Cryptojacking Botnets Data breach Drive-by download Browser Helper Objects Viruses Data scraping Denial-of-service attack Eavesdropping Email fraud Email spoofing Exploits Hacktivism Insecure direct object reference Keystroke loggers Logic bombs Time bombs Fork bombs Zip bombs Fraudulent dialers Malware Payload Phishing Voice Polymorphic engine Privilege escalation Ransomware Rootkits Scareware Shellcode Spamming Social engineering Spyware Software bugs Trojan horses Hardware Trojans Remote access trojans Vulnerability Web shells Wiper Worms SQL injection Rogue security software Zombie
Defenses	Application security Secure coding Secure by default Secure by design Misuse case Computer access control Authentication Multi-factor authentication Authorization Computer security software Antivirus software Security-focused operating system Data-centric security Obfuscation (software) Data masking Encryption Firewall Intrusion detection system Host-based intrusion detection system (HIDS) Anomaly detection Security information and event management (SIEM) Mobile secure gateway Runtime application self-protection Site isolation