ELI5: What is Vulnerability Scanning?
A vulnerability scanner checks your systems for known weaknesses, like a building inspector looking for cracks in the walls. It finds the problems so you can fix them before anyone exploits them.
Definition
Vulnerability scanning is an automated process that probes systems, applications, and network devices to identify known vulnerabilities, security misconfigurations, missing patches, and weak configurations by comparing findings against vulnerability databases such as CVE/NVD. Unlike penetration testing, vulnerability scanning is non-exploitative — it identifies potential weaknesses without actively attempting to compromise systems.
Key Details
- Credentialed scans (authenticated) provide deeper, more accurate results than non-credentialed (unauthenticated) scans
- Scan results are mapped to CVE identifiers and scored using CVSS for risk prioritization
- Internal vs. external scanning: internal finds issues visible from inside the network; external simulates an outside attacker
- Scan scheduling balances thoroughness with operational impact (avoid production windows)
- Common tools: Nessus, Qualys, OpenVAS, Rapid7 InsightVM
- Findings must be remediated or mitigated based on risk-based prioritization
Connections
- Parent: vulnerability-management — vulnerability scanning is the primary discovery mechanism in vulnerability management programs
- See also: credentialed-vs-non-credentialed-scans, cvss-common-vulnerability-scoring-system, cve-common-vulnerabilities-and-exposures, scan-scheduling, risk-based-prioritization