Vulnerability scanners fall into the category of security scanners and are used to improve your own IT security by showing administrators known vulnerabilities in the network through their scans.
These scanners are also part of the standard repertoire in security audits. The BSI itself provided a vulnerability scanner based on Nessus, but discontinued it in favor of recommending OpenVAS.
The last few years have proven how valuable these scanners can be when, in the wake of the requirement to network every device, old devices and previously ignored devices suddenly began to influence the integrity and security of the entire network.
Not only did exploitable software errors appear; in particular, the use of poor or no passwords and of too many unused, mostly insecure protocols made access easier for attackers.
Regardless of whether it is servers, network printers, routers, desktop computers, Linux, Windows or embedded systems that are being examined, Nessus, OpenVAS and Co collect the security-relevant information from the specified test area to the specified depth. They are not limited to vulnerabilities that are accessible via the network, but can also check locally on the machines if configured.
The configuration of both scanners allows a great deal of freedom and can therefore be adapted to the requirements of your own network. Options range from pure presence scans, through scans of specific protocols or operating systems, to full scans that use all available checks, each adapted to specified goals, specified schedules and, if desired, individually set timeouts for specific checks.
These “checks” are based on the Nessus scripting language NASL (Nessus Attack Scripting Language), which is also used by OpenVAS, as OpenVAS was forked from Nessus when Nessus was placed under a proprietary license. These checks are provided by the manufacturers of the two scanners, as well as by their community, since NASL of course also allows administrators to write and integrate their own checks. New vulnerabilities can thus be quickly discovered in your own network during the next scan and then remedied.
In addition to simply displaying vulnerabilities, Nessus and OpenVAS offer further information on them, such as the Common Vulnerability Scoring System (CVSS) score, how they can be fixed, and references to information from the manufacturers or entries from IT security specialists and organizations.
They also offer a delta comparison with previous scans, which shows how the vulnerabilities found have developed over time.
In addition, they can be used to support the inventory in the company. For better evaluation, both scanners also offer the option of filtering the respective test reports and exporting them in different formats.
To achieve an effective gain in IT security through the use of vulnerability scanners, a regulated process is required to manage the identified vulnerabilities. Identifying existing vulnerabilities and risks is only the first step in this process. Basically, this process can be divided into the following process steps:
Scanning the network or system for vulnerabilities and generating a report on the results of the scan.
Elimination of the selected vulnerabilities based on the planning.
Check whether remediation measures have eliminated the vulnerability and the risks no longer exist or have been reduced.
Once this process has been completed, it starts again from the beginning with a new scan.
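
The delta comparison and report filtering described above can serve the verification step of this process. The following is an added example, not code from Nessus or OpenVAS: the CSV column layout, the check IDs and the sample findings are constructed for illustration and do not correspond to a real export format.

```python
import csv
import io

# Constructed sample exports (hypothetical column layout, not a real
# Nessus or OpenVAS report format): one finding per row.
PREVIOUS_SCAN = """host,port,check_id,cvss,name
10.0.0.5,22,CHK-0001,5.3,Weak SSH key exchange algorithms
10.0.0.5,23,CHK-0002,9.8,Telnet service with default password
10.0.0.9,443,CHK-0003,7.5,Outdated TLS library
10.0.0.12,161,CHK-0004,6.5,SNMP community string public
"""

CURRENT_SCAN = """host,port,check_id,cvss,name
10.0.0.5,22,CHK-0001,5.3,Weak SSH key exchange algorithms
10.0.0.9,443,CHK-0003,7.5,Outdated TLS library
10.0.0.20,9100,CHK-0005,8.1,Printer admin interface without password
"""


def load_findings(report_text):
    """Parse a report into {(host, port, check_id): finding}."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_text)):
        row["cvss"] = float(row["cvss"])
        key = (row["host"], int(row["port"]), row["check_id"])
        findings[key] = row
    return findings


def delta(previous, current, min_cvss=0.0):
    """Classify findings at or above min_cvss as fixed, new or open."""
    def keep(findings, keys):
        rows = [findings[k] for k in keys if findings[k]["cvss"] >= min_cvss]
        # Highest score first so the report leads with the worst findings.
        return sorted(rows, key=lambda r: (-r["cvss"], r["host"]))

    return {
        "fixed": keep(previous, previous.keys() - current.keys()),
        "new": keep(current, current.keys() - previous.keys()),
        "open": keep(current, current.keys() & previous.keys()),
    }


if __name__ == "__main__":
    result = delta(load_findings(PREVIOUS_SCAN), load_findings(CURRENT_SCAN), 7.0)
    for status, rows in result.items():
        for r in rows:
            print(f'{status:5} {r["cvss"]:4} {r["host"]}:{r["port"]} {r["name"]}')
```

Findings in the "open" group are the ones whose remediation has not taken effect yet; findings in "new" enter the next pass of the process.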