Vulnerability scanning is an inspection of the potential points of exploit on a computer or network to identify security holes. Our vulnerability scanner detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures. It runs from the end point of the person inspecting the attack surface in question and  compares details about the target attack surface to a database of information about known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts. 

There are two approaches to vulnerability scanning, authenticated and unauthenticated scans. In the unauthenticated method, the tester performs the scan as an intruder would, without trusted access to the network. Such a scan reveals vulnerabilities that can be accessed without logging into the network. In an authenticated scan, the tester logs in as a network user, revealing the vulnerabilities that are accessible to a trusted user, or an intruder that has gained access as a trusted user. Our Security experts will run both scenarios to find any potential hole in your systems and network.

Our experts will also perform web application vulnerability scans to find vulnerabilities in websites and other web-based applications. While a network vulnerability scan scans the web server itself, including its operating system, the web server daemon and the various other open services, such as database services running on the same system, web application scanners focus on the code of the application.

Unlike  our network vulnerability scanning methods that use a database of known vulnerabilities and misconfigurations, our web application scanning methods look for common types of web flaws such as cross-site scripting (XSS), SQL injection, command injection, and path traversal and therefore we can find previously unknown vulnerabilities that can be unique to the tested application. This is also known as dynamic application security testing (DAST) and is often used by penetration testers.

We use web application scanners together with static application security testing (SAST) tools, which analyse the actual source code of web applications during the development stage, as part of secure development lifecycles (SDLCs).