You are here: Solutions > What is Vulnerability Scanning?
What is Vulnerability Scanning?
Vulnerability scanning is an automated security test that scans a target IP address for known and unknown vulnerabilities. This can be done via a router, firewall, IP telephone, Windows, Linux, Unix, and so on. When a vulnerability is identified, a detailed remedy is provided so that the end user can rectify the situation.
Intelligent Service Detection
SecPoint has an intelligent service detection built in so that when you have services running on nonstandard ports, the system will be able to detect and base attacks against these ports. The end user is then always assured the most accurate and fastest scan.
Launch Real Exploits
New in this edition, it is possible for the end user to launch a high amount of real exploits against a target system. Whenever the user launches real exploits, the service can help to test if the applied patches on the systems are working or not.
Denial of Service
You can launch a wide range of intensive DOS attacks for multiple applications such as web browsers, email clients, ftp clients, databases, and more. Extensive DOS attacks can be launched in order to crash the target system. The advantage of DOS tests is the fact that it allows you to check the stability of a preproduction system in order to discover potential instability vulnerabilities.
It is also recommended to test the stability of production systems during nighttime. If an attacker can manage to crash a production system during peak hours, this can lead to irrevocable damages and financial losses for you or your customer.
Distributed Denial of Service
DDOS (Distributed Denial of Service) attacks threaten computer networks worldwide. The increase in the number, sophistication, and maliciousness of such attacks has been dramatic in the last few years. Traditional means of network protection, such as firewalls and intrusion detection systems, are weak methods for identifying and blocking DDOS attacks. The Penetrator can find various types of Distributed Denial of Service vulnerabilities so immediate action can be taken to solve this security risk.
Scans any Operation System or Operating Device
The Penetrator is designed to scan any operating system and work its way through the whole process. The appliance has a system built in that allows you to launch unknown buffer overflow attacks. This allows you to discover unknown vulnerabilities in your applications or in the target system.
Automatic Crawl System
The automatic crawl system will identify SQL injection, cross site scripting, and errors in both known and unknown scripts and software on your web server.
The Penetrator allows for advanced customization in each scan. The end user can fine-tune values and manually insert virtual hosts, unknown directories on the web server, enable aggressive scanning, extended brute force, and other features.
Through this approach, the Penetrator can do an even more customer-specific scan of the equipment. It is designed to minimize its own traffic use on your network based on its intelligent scanning services.
Scan Template Creation
Through the scan template creation system, the end user can create scan templates with the specific configuration needed and use them for scheduled scanning or when making a new scan. This ensures that the end user can apply the same policy after every subsequent scan, which in turn saves time as there is no need to make a new configuration each time.
Detailed Vulnerability Remediation
Detailed remediation information assists users in learning how to apply patches, install new service packs, and so on. Furthermore, all links are always updated via the intelligent SecPoint quality system.
You can perform scheduled scans based on the templates of a single system or a large range of systems. You can also make the scans start at any time of your choice. It is recommended for you to scan all your systems in the weekend so that you can always have the status of your security level at the beginning of the week.
Non Intrusive Scans
The scans performed by the Penetrator are based on intelligent determination and is designed for minimal traffic impact on the targeted system. This makes sure the scan is minimally intrusive for the customer.
SQL injection is a security vulnerability that occurs in the database layer of an application. The vulnerability is present whenever user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
In fact, it is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. The Penetrator can find many kinds of SQL injection vulnerabilities in order to quickly and efficiently solve this security risk.
Cross Site Scripting
Cross site scripting (XSS) is a type of computer security vulnerability typically found in web applications that can be used by an attacker to compromise the same origin policy of client-side scripting languages. Attackers intending to exploit cross site scripting vulnerabilities must approach each class of vulnerability differently. The Penetrator can find many kinds of cross site scripting vulnerabilities so the proper steps can be done to defend against this potential danger.