With our growing reliance on an interconnected world, security vulnerabilities are a real-world issue requiring focus and attention. Security vulnerabilities are the path to security breaches and originate from many different areas: incorrectly configured systems, unchanged default passwords, product flaws, or missing security patches, to name a few. The comprehensive and accurate identification and remediation of security vulnerabilities is a key requirement for mitigating security risk in enterprises.

Vulnerability assessment technology has evolved significantly since the initial release of SATAN about a decade ago. SATAN was a dictionary-based UNIX security testing tool designed to help system administrators identify common security problems. Second-generation vulnerability scanners, built upon hard-coded decision trees, followed shortly. Predefined decision trees made it possible to minimize the probes needed, depending on the operating system and application. Their lack of flexibility, however, quickly made them obsolete.

Modern scanner architectures are built as inference-based systems that do not require any agent software on the target systems. They learn about each target system individually as selective probes are exchanged with it. The inference-based architecture is centred around highly multi-threaded engines that scan for thousands of vulnerabilities simultaneously on any system on a network. Modern scanner architectures also support multiple levels (trusted and untrusted) of vulnerability assessment against any given target system. Untrusted vulnerability assessments simulate the scenario of an attacker without prior knowledge of the target system, while trusted assessments use credentials to log into the target systems and audit configuration and patch information. An important criterion for measuring the effectiveness of a vulnerability scanner is the comprehensiveness and accuracy of its vulnerability knowledge base. The ability to report and communicate vulnerability findings in a standardized manner from the vulnerability scanner to other applications (i.e., patch distribution or configuration management) is also a critical requirement.
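The inference-based selection described above can be sketched as follows. This is an added example, not code from the article or from any scanner product; the probe names, fact labels and the simulated host are hypothetical, and no network traffic is generated.

```python
# Inference-driven probe selection against a simulated target (no network I/O).
# Probe names, fact labels and the target description are constructed for this example.
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Set, Tuple

@dataclass(frozen=True)
class Probe:
    name: str
    requires: FrozenSet[str]                   # facts that must already be known
    trusted_only: bool                         # needs credentials (trusted assessment)
    run: Callable[[Dict[str, str]], Set[str]]  # returns the facts this probe learns

def _fact_if(key: str, value: str, fact: str) -> Callable[[Dict[str, str]], Set[str]]:
    # Simulated probe result: learn `fact` when the target attribute matches.
    return lambda target: {fact} if target.get(key) == value else set()

PROBES = [
    Probe("tcp-connect-22", frozenset(), False, _fact_if("port22", "open", "svc:ssh")),
    Probe("tcp-connect-445", frozenset(), False, _fact_if("port445", "open", "svc:smb")),
    Probe("ssh-banner", frozenset({"svc:ssh"}), False, _fact_if("os", "linux", "os:linux")),
    Probe("smb-negotiate", frozenset({"svc:smb"}), False, _fact_if("os", "windows", "os:windows")),
    Probe("linux-package-audit", frozenset({"os:linux"}), True,
          _fact_if("patched", "no", "finding:missing-patch")),
    Probe("windows-hotfix-audit", frozenset({"os:windows"}), True,
          _fact_if("patched", "no", "finding:missing-patch")),
]

def assess(target: Dict[str, str], trusted: bool) -> Tuple[Set[str], List[str]]:
    """Send only probes whose preconditions are satisfied by facts learned so far."""
    facts: Set[str] = set()
    sent: List[str] = []
    pending = list(PROBES)
    progress = True
    while progress:                            # repeat until no new probe becomes applicable
        progress = False
        for probe in list(pending):
            if probe.trusted_only and not trusted:
                continue                       # untrusted run: credentialed audits never fire
            if probe.requires <= facts:
                pending.remove(probe)
                sent.append(probe.name)
                facts |= probe.run(target)
                progress = True
    return facts, sent

# Constructed sample target: a Linux host with SSH open and a missing patch.
SIMULATED_LINUX_HOST = {"port22": "open", "port445": "closed", "os": "linux", "patched": "no"}

if __name__ == "__main__":
    for level in (False, True):
        print("trusted" if level else "untrusted", assess(SIMULATED_LINUX_HOST, level))
```

On the sample host the SMB and Windows probes are never sent, and the missing-patch finding appears only in the trusted run.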

The link for this article located at Security Park is no longer available.