Vulnerability scanning: what it is and how it works

Identifying cyber security vulnerabilities in your websites, applications and infrastructure.

What is vulnerability scanning?

A vulnerability scan assesses your systems for security flaws that could be exploited by cyber attackers aiming to take control of your systems or steal your data.

What's the difference between vulnerability scanning and penetration testing?

Vulnerability scanning is an automated process that identifies your cyber security weaknesses. 

Penetration testing goes one step further. It involves professional ethical hackers combining the results of automated scans with their expertise to reveal vulnerabilities that may not be identified by scans alone.

By mimicking the techniques used by criminals and other threat actors, they can determine the extent to which your organisations vulnerable to attack.

Why is vulnerability scanning important?

Managing the vulnerabilities in your networks and software is an essential component of your cyber security efforts.

Vulnerabilities are common. New ones are discovered all the time, or can be introduced as a result of system changes.

When such vulnerabilities are discovered, cyber criminals use automated attacks to attempt to exploit them and gain access to unsecured systems.

These attacks are cheap and easy to run, and are indiscriminate, so every Internet-facing organisation is at risk.

All it takes is one vulnerability for an attacker to access your network.

This is why applying patches to fix these security vulnerabilities is essential: if you don’t update to the latest versions as they are released, the vulnerabilities in your systems will remain exploitable and your organisation exposed.

Worse than this is the fact that the vast majority of intrusions are not discovered until it is far too late – usually months after the organisation has been breached.

What does a vulnerability scan test?

Automated vulnerability scanning tools scan for open ports and detect common services running on those ports.

It identifies if there are configuration issues or vulnerabilities on those services, and looks at whether best practice is being followed, such as the use of TLSv1.2 or higher and strong ciphers.

A vulnerability scanning report is then generated to highlight the items that have been identified.

By interpreting these findings, an organisation can improve its security posture.

Scanned by IT Governance stamp

Scanned By IT Governance

IT Governance delivers fast and fully automated external vulnerability scans of an organisation’s Internet-facing IT assets in accordance with best practice.

Find out more about how our Vulnerability Scan service can help secure your organisation

Who conducts vulnerability scans?

IT departments usually undertake vulnerability scanning if they have the expertise and software to do so, or they can call on a third-party security service provider like IT Governance.

IT Governance’s scans are conducted on targets that the client has the necessary permissions to have scanned, and users of the service are required to confirm that they have those permissions.

Vulnerability scans are also performed by attackers who randomly scour the Internet trying to find points of entry into systems and networks.

How often should you conduct a vulnerability scan?

Vulnerability scans need to be conducted regularly to ensure that new vulnerabilities are identified as soon as they become common knowledge and that the appropriate remedial actions are taken, such as applying the necessary patches to fix software vulnerabilities.

Frequent security scanning can show where exposed services are unpatched and vulnerable to exploitation, allowing IT to either patch them or take other remedial actions fast.

You should have a vulnerability management programme. This should include scanning (at least monthly), and annual penetration testing, as well as when you make changes to your systems.

This will help identify your security weaknesses and the extent to which you are open to attack.

Vulnerability scanning and remote working

Identifying and mitigating security vulnerabilities is especially important when staff work from home.

For instance, when you connect to the Internet via a home network, security features that you usually take for granted in the office, such as filtering, firewalls and encryption, might not be available.

And when staff use their own equipment (known as web application penetration test should be conducted by a skilled ethical hacker who is experienced in web applications. These tests should be performed on a regular basis and after changes to the applications have taken place.

Web application penetration tests will detect if a web server and vulnerable applications have been exposed to the Internet, but may not identify other flaws such as URL manipulation that expose the application’s data or users.

Is a vulnerability scan suitable for industrial control systems?

No, vulnerability scans are not suitable for complex production environments where there is external access to industrial control systems or telecommunications equipment. This is due to the specialised nature of such production environments and the need for the correct tools and appropriately skilled ethical hackers. This type of environment will require a manually controlled penetration test.

Vulnerability Scan service

IT Governance’s Vulnerability Scan service

With a monthly subscription to our Vulnerability Scan service, you can

  • Scan for thousands of vulnerabilities, helping you see exactly what criminal hackers can see;
  • Receive a detailed report that gives you a breakdown of all your weak spots that need attention;
  • Act quickly to fix your security weaknesses before criminal hackers find and exploit them; and
  • Run and rerun scans as often as you like within a month.

Find out more about how our Vulnerability Scan service can help secure your organisation