U.S. Department of Health and Human Services
Vulnerability scanning is an automated process to identify vulnerabilities of computing systems in a network to determine if and where a system can be exploited and/or threatened. It seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings.
Uses authentication and permissions;
Permits in-depth scanning;
Identifies the underlying cause of the vulnerability;
Safe to implement – uses legitimate network services rather than “attack” targets; and
Enables faster, more accurate scans.
Page 5 of 9
System Security Testing