decorative background art

A Quick Guide to Vulnerability Scanning

Streamowrks Blog

A Quick Guide to Vulnerability Scanning

 

We've all heard the news. It seems a major new one comes out every month or two. They have creative and memorable names like "Eternal Blue," "Heartbleed," and "Shellshock." And when paired with cybercrime, they cost us trillions of dollars.

 

What are they? Vulnerabilities.

 

Vulnerabilities are flaws, bugs, and weaknesses in technology, code, or implementations. Although many vulnerabilities are low severity, more than enough medium, high, and critical severity ones exist, leading to security breaches, data theft, and damage.

 

Since there are too many vulnerabilities for any security or IT team to track manually, many go undiscovered, unpatched, or just plain ignored. So what's the solution?

 

Vulnerability scanning.

 

What is Vulnerability Scanning?

As an essential part of a vulnerability management process, vulnerability scanning (aka "vuln" scanning) is a process for identifying vulnerabilities in your network environment. A good scanning tool will automatically scan your networks, devices, applications, and configurations for vulnerabilities. It will document the findings, classify them, and create actionable reports to help you prioritize the patching and remediation process.

 

Here's an example: your vulnerability scanner will scan your operating system, find an unpatched flaw, tell you the severity level (critical, high, medium, etc.), and recommend steps to fix it.

 

Scheduled vulnerability scanning is not only a security best practice, it's a requirement to stay compliant with frameworks like SOC 2 and HIPAA.

 

Scanning vs. Penetration Testing

Let's tangent a bit and talk about how vulnerability scanning compares to penetration testing, as many people are unaware of the differences.

 

We know what vuln scanning is, but is it the same as penetration testing?

 

Nope.

 

A vuln scan is a surface-level sweep of your network (think mile wide but inch deep). By contrast, a penetration test is a manual process where a hired security expert tries to find, exploit, and leverage a vulnerability to crack passwords, take control of systems, and find sensitive data.

 

Compared to a vuln scan, pen tests require more planning and are expensive. However, pen test findings and reports are much more in-depth. They can give you remediation measures not discovered through vuln scanning alone.

 

To keep our networks and assets safe (and your data), Streamworks uses a mix of various ongoing and separate evaluations, including penetration testing.

 

Internal and External Vulnerability Scanning

There are a few main kinds of vulnerability scanning. Still, internal and external scanning are two major types you'll hear about most often.

 

Internal Scans

You kick off internal scans from within your internal, private network. The scans run against your internal servers, workstations, and resources. Internal scans, unlike external scans, have direct access to internal devices.

 

One significant benefit of internal scanning is the ability to identify vulnerabilities an inside attacker might leverage to steal sensitive data, take over systems, and compromise applications.

 

External Scans

External scanning, on the other hand, is performed from outside your internal network. It targets your public IP addresses and services connected to the internet like websites, login portals, and remote access ports.

 

External vulnerability scanning is beneficial for understanding how an outside attacker might exploit your public-facing assets and services.

 

Credentialed vs. Non-credentialed Scanning

In addition to the internal and external scan types, you can choose credentialed or non-credentialed scan methods.

 

You give the scanner privileged account permissions with credentialed (or "authenticated") scans. Credentials allow the scanner to delve deeper into systems to find vulnerabilities that aren't visible to non-credentialed scans.

 

Non-credentialed (also called "unauthenticated") scans do not have account credentials, so they don't probe as deeply into systems as credentialed scans. There is a benefit with non-credentialed scans, however. Some say they are more realistic because they only show the vulnerabilities and weaknesses an attacker will initially see and can access.

 

Working with Scan Results

Once you have your scan results, you'll know what vulnerabilities you have in your environment, the severity of those vulnerabilities, and what systems are vulnerable. This information will help prioritize your patching and remediation process.

 

For example, your scan reports might show you the top 10 critical vulnerabilities you have on your most important systems. With this information, you can research the remediation recommendations, plan your patching process (which might require downtime and rebooting systems), remediate, and test. As an added assurance, you can rescan to ensure your patches and remediation steps are successful.

 

Conclusion

Vulnerability scanning is the first important step in any vulnerability management process. With a good scanning tool and configuration choices that meet your business and compliance requirements, you'll identify vulnerabilities and know where to focus your patch management energies.

 

Streamworks conducts monthly internal and external vulnerability scans to discover new vulnerabilities and to ensure our patch management process is effective. Our IT and executive management teams review scan results and plan the remediation actions to protect your data and keep our technology environment safe.

 

Protect your sensitive data by finding a secure print partner who knows data classification. Download our FREE Secure Marketing Communications Checklist now!