Scanner

Scanning consists of inspecting a system to find weaknesses.

Authenticated vs. Unauthenticated Scans

| Authenticated Scans | Unauthenticated Scans |
| --- | --- |
| The credentials of the subject host must be provided to the vulnerability scanner. | The vulnerability scanner does not require the host’s credentials; it only needs the IP address. |
| Identifies the vulnerabilities that can be exploited by the attackers having access to the host. | Identifies the vulnerabilities that can be exploited by an external attacker having no access to the subject host. |
| It provides a deeper visibility into the target system by scanning its configuration and installed applications. | It is less resource-intensive and straightforward to set up. |
| For example, scanning an internal database by providing its credentials to the vulnerability scanner. | For example, scanning a public-facing website for vulnerabilities that any user can exploit. |

Internal vs. External Scans

| Internal Scans | External Scans |
| --- | --- |
| Conducted from inside the network. | Conducted from outside the network. |
| It focuses on the vulnerabilities that can be exploited inside the network. | It focuses on the vulnerabilities that can be exploited from outside the network. |
| Identifies vulnerabilities that would be exposed to the attackers once they get inside the network. | Identifies the vulnerabilities exposed to the attacker from outside the network. |

Tools for scanning
