Managing vulnerabilities is a key responsibility for any IT security team—and it's a busy job. According to the Verizon 2020 Data Breach Investigations Report:
- 70% of breaches were caused by outsiders, which means 30% of security vulnerabilities come from inside your organization
- 86% of breaches were financially motivated
- 43% of breaches were attacks on web applications, more than double last year's figure
Traditionally, these security vulnerabilities were detected using a computer program known as a vulnerability scanner, which assesses networks, assets and applications for known weaknesses. The traditional scanner plays an important role in catching common vulnerabilities and exposures if it's used frequently, and it can take the form of a network-based, host-based, wireless, application or database scanner.
Scanners started as a tool to detect vulnerabilities that arose from misconfigurations or flawed programming in a network-based asset, such as a firewall, router or server, but they've evolved as artificial intelligence and machine learning have helped to automate scans and make them more sophisticated. Vulnerability scanning is not the same as penetration testing; the latter identifies weaknesses in exploitable system configurations, organizational processes or practices.
Today, vulnerability scanners examine company infrastructure using two kinds of scan: authenticated scans, which directly access network-based assets, and unauthenticated scans, which threat actors and security analysts use to determine the security posture of externally accessible assets. Scanners look for weaknesses in the environment, provide insight into the degree of risk each vulnerability poses, and then recommend how to mitigate those risks.