Vulnerability Scanning

Fingerprint Icon

Using both commercial and open-source automated scanning tools, the team can quickly identify and prioritise technical vulnerabilities that may lead to system compromise, or indicate underlying configuration errors.

This type of activity is relatively quick and can be very cost-effective, however, it is also prone to both false positives and false negatives, as it relies on both the effectiveness of the automated scanning solution, and the reliability of the end-to-end communication between the scanner and the target at the time the scan takes place.

In addition, an automated scanner will not identify unique, complex or system specific vulnerabilities that were not known at the time the scanning solution was written; nor will it identify flaws in application or business logic.