In the previous issue, we discussed the functions of vulnerability scanning. Did it help you? If you have different answers, please call InsighSec. Now, let's focus on the classification of vulnerability scanning, and InsighSec will explain it to you.
First, vulnerability scanning products can be classified based on different scanning methods:
1. Network scanners, which scan remote computers for vulnerabilities over the network;
2. Host scanners, which install an agent or services on the target system to access all files and processes, allowing them to detect more vulnerabilities.
In addition to these three categories (network scanners, host scanners, and the database scanners described below), there are also scanners specifically designed for web applications, middleware, and more.
Network scanners are relatively cheap because they operate over the network and require neither the involvement of the target system's administrator nor the installation of any components on the target system. They are also easier to maintain.
Host scanners, on the other hand, rely on agents or services installed on the target system, which lets them access more information and identify a wider range of vulnerabilities. Host-based scanners are relatively more expensive than network scanners.
Database scanners address the growing number of vulnerabilities in mainstream databases. For instance, CVE alone lists over 1,100 disclosed Oracle vulnerabilities. Database scanning can detect vulnerabilities in the database management system (DBMS), default configurations, privilege escalation, buffer overflows, and unpatched vulnerabilities.
That concludes the content shared by InsighSec. We hope it can be helpful. Stay tuned for more updates from us!