Vulnerability Scanning
Technology evolves at an incredible pace, which makes it urgent to properly secure and manage every aspect of the IT infrastructure. This is why our team conducts specialized assessments to identify vulnerabilities, interdependencies, and cascading effects of significant potential threats to your system.
Not all companies require a penetration test to successfully evaluate their security posture. Regular vulnerability scans are often an alternative. An engineer performs vulnerability scanning to search systems for known vulnerabilities, without attempting exploitation, with the end goal of providing a remediation report prioritized by risk.
What is Vulnerability Scanning?
A vulnerability scan is a high-level automated test which seeks out and reports on potential vulnerabilities. These scans look at computers, systems and networks in order to find security weaknesses.
As a largely automated service, vulnerability scans look at the areas of your business that could possibly be exploited. They can search for over 50,000 vulnerabilities and are required by many of the leading cybersecurity certifications, including PCI DSS, FFIEC and GLBA.
Vulnerability scans can be started manually or run on a schedule, and can take anywhere from several minutes up to several hours. They offer a passive approach to vulnerability management, reporting on any weaknesses that they detect. From there, it is up to the business owner or IT staff to act on these findings.
What is the main difference between vulnerability scanning and penetration testing?
If vulnerability scans run by free software can alert on all these issues, why would you pay a firm thousands or tens of thousands to run a pentest? This is where the purposes of the two types of test diverge. Pentests bring the human factor into play. Vulnerability scans go for the low-hanging fruit. Both are useful.
The benefits of Vulnerability Scanning
Vulnerability testing produces a detailed report that offers an extensive list of vulnerabilities found within the business’s various systems. This puts you in a more informed position to act on potential weaknesses and bolster your business security.
If you’re looking for a quick, high-level way to highlight vulnerabilities within your business, then vulnerability scanning is a good option. These scans are often very affordable, are quick to complete, and can be carried out regularly with relatively little manual input.
However, there is a limit to the information offered by a vulnerability scan. It will not confirm whether or not a weakness is exploitable and, although it will advise on how to fix some issues, the remedial work will not be tailored to the specific needs of the organisation.
While vulnerability scans are extremely useful in flagging issues, they do not always determine the true risk of an issue. For example, if anonymous access (no need for credentials) to a file server is possible, this would be diagnosed as a medium risk. However, if the file server hosts sensitive data such as personal information relating to employees or customers, this would be in breach of information security standards and GDPR.
Falconer Security's Approach
Falconer Security performs full unauthenticated and authenticated testing based on strict OWASP guidelines. Our engineers focus on identifying weak points across the entire web application to ensure your applications and data stay safe. Testing activities include hunting OWASP Top 10 Vulnerabilities, website mapping and enumeration, testing for injection attacks (SQL, JavaScript, LDAP, etc.), testing for remote code execution, malicious file upload abuse testing, and more.
All testing performed follows the OWASP Testing Guide (v4) guidelines and checklist.
Methodology
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.
Vulnerability Scanning Tools
• Burp Suite Pro
• Nessus Vulnerability Scanner
• nmap
• Nikto
• Dirbuster / Dirb / Dirsearch
• Metasploit
• Qualys SSL Scanner
• BuiltWith / whatweb
All of the above-mentioned tools will be used by professional ethical hackers who have a unique understanding of security.
Using vulnerability scanning and penetration testing in tandem
While vulnerability tests and penetration tests are often considered to be different service offerings, any business committed to maintaining a good risk posture should look to use both in tandem. Together, vulnerability scanning and penetration testing can help an organisation to swiftly identify weaknesses, wherever they may arise, and work towards a solution before attackers can take advantage of the opportunity.