You are here: Resources >> What is Vulnerability Scanning?
What is Vulnerability Scanning?
Vulnerability scanning is an automated security test that scans a target IP address for known and unknown vulnerabilities. This can be done via a router, firewall, IP telephone, Windows, Linux, Unix, and so on. When a vulnerability is identified, a detailed remedy is provided so that the end user can rectify the situation.
Intelligent Service Detection
SecPoint has an intelligent service detection built in so that when you have services running on nonstandard ports, the system will be able to detect and base attacks against these ports. The end user is then always assured the most accurate and fastest scan.
Launch Real Exploits
New in this edition, it is possible for the end user to launch a high amount of real exploits against a target system. Whenever the user launches real exploits, the service can help to test if the applied patches on the systems are working or not.
Denial of Service
You can launch a wide range of intensive DOS attacks for multiple applications such as web browsers, email clients, ftp clients, databases, and more. Extensive DOS attacks can be launched in order to crash the target system. The advantage of DOS tests is the fact that it allows you to check the stability of a preproduction system in order to discover potential instability vulnerabilities.
It is also recommended to test the stability of production systems during nighttime. If an attacker can manage to crash a production system during peak hours, this can lead to irrevocable damages and financial losses for you or your customer.
Distributed Denial of Service
DDOS (Distributed Denial of Service) attacks threaten computer networks worldwide. The increase in the number, sophistication, and maliciousness of such attacks has been dramatic in the last few years. Traditional means of network protection, such as firewalls and intrusion detection systems, are weak methods for identifying and blocking DDOS attacks. The Penetrator can find various types of Distributed Denial of Service vulnerabilities so immediate action can be taken to solve this security risk.
Scans any Operation System or Operating Device
The Penetrator is designed to scan any operating system and work its way through the whole process. The appliance has a system built in that allows you to launch unknown buffer overflow attacks. This allows you to discover unknown vulnerabilities in your applications or in the target system.
Automatic Crawl System
The automatic crawl system will identify SQL injection, cross site scripting, and errors in both known and unknown scripts and software on your web server.
Advanced Scanning
The Penetrator allows for advanced customization in each scan. The end user can fine-tune values and manually insert virtual hosts, unknown directories on the web server, enable aggressive scanning, extended brute force, and other features.
Through this approach, the Penetrator can do an even more customer-specific scan of the equipment. It is designed to minimize its own traffic use on your network based on its intelligent scanning services.
Scan Template Creation
Through the scan template creation system, the end user can create scan templates with the specific configuration needed and use them for scheduled scanning or when making a new scan. This ensures that the end user can apply the same policy after every subsequent scan, which in turn saves time as there is no need to make a new configuration each time.
Detailed Vulnerability Remediation
Detailed remediation information assists users in learning how to apply patches, install new service packs, and so on. Furthermore, all links are always updated via the intelligent SecPoint quality system.
Advanced Scheduling
You can perform scheduled scans based on the templates of a single system or a large range of systems. You can also make the scans start at any time of your choice. It is recommended for you to scan all your systems in the weekend so that you can always have the status of your security level at the beginning of the week.
Non Intrusive Scans
The scans performed by the Penetrator are based on intelligent determination and is designed for minimal traffic impact on the targeted system. This makes sure the scan is minimally intrusive for the customer.
SQL Injection
SQL injection is a security vulnerability that occurs in the database layer of an application. The vulnerability is present whenever user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
In fact, it is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. The Penetrator can find many kinds of SQL injection vulnerabilities in order to quickly and efficiently solve this security risk.
Cross Site Scripting
Cross site scripting (XSS) is a type of computer security vulnerability typically found in web applications that can be used by an attacker to compromise the same origin policy of client-side scripting languages. Attackers intending to exploit cross site scripting vulnerabilities must approach each class of vulnerability differently. The Penetrator can find many kinds of cross site scripting vulnerabilities so the proper steps can be done to defend against this potential danger.
Read more about our services and products here: About SecPoint, IT Security Products, and IT Security Jobs.
Privacy Statement |
Link Policy |
User Policy |
IT Security Blog |
IT Security Forum
| SecPoint Pictures
Event Pictures | Exploit Archive | IT Security Web Shop | Vulnerability Library
IT Security Video | Sitemap
© Copyright 1999-2010: SecPoint®
SecPoint ApS - Lergravsvej 53 - 2300 Copenhagen S - Phone +45 70 235 245
Event Pictures | Exploit Archive | IT Security Web Shop | Vulnerability Library
IT Security Video | Sitemap
© Copyright 1999-2010: SecPoint®
SecPoint ApS - Lergravsvej 53 - 2300 Copenhagen S - Phone +45 70 235 245
| Recent awards | Compatible with | Visit us on Facebook! | Visit us on LinkedIn! | Visit us on Myspace! | |||||
 |
 |
 |
 |
 |
 Group! |
 |
 Follow us on Twitter!  |
||
Anti-Spam Appliance - Anti-Spam Firewall - Unified Threat Management Appliance
Anti-Virus - Web Filter Appliance - Anti Spam Appliance - Anti Spam Firewall - UTM Appliance Wifi Security - Wifi Pen Test - Wifi Crack - Wifi Hack - Wifi Audit - Wep Wpa2 Crack
Vulnerability Scanner - Vulnerability Assessment - Security Scanner - Pen Test Appliance