Vulnerability Scanning
The automated process of identifying known security weaknesses in systems, applications, and network infrastructure by comparing discovered services against vulnerability databases.
Definition
Vulnerability scanning is the systematic examination of an asset's software, services, and configuration to identify weaknesses that could be exploited. Scanners fingerprint running software versions and cross-reference them against databases of known vulnerabilities — primarily the National Vulnerability Database (NVD) using CVE identifiers — to produce a list of confirmed or probable weaknesses requiring remediation.
Why It Matters
The majority of successful breaches exploit known vulnerabilities for which patches already exist. Vulnerability scanning answers the question: what known-bad software is running in my environment right now? Without continuous scanning, organizations operate blind to their own exposure. Scanning is also the baseline for regulatory compliance frameworks including PCI DSS, ISO 27001, and SOC 2, all of which require periodic vulnerability assessments.
How It Works
A scanner probes target hosts using network-based techniques or authenticated agent-based collection to enumerate installed software, running services, open ports, and configuration settings. Each discovered component is matched against a vulnerability database. Findings are assigned a severity score — typically using CVSS — indicating exploitability and potential impact. Results are aggregated into reports that prioritize which vulnerabilities to remediate first based on severity, asset criticality, and whether public exploits exist.
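The matching and prioritization steps described above, as an added example that is not taken from this page or from any scanner product. Every host, product name, advisory id, version range and the risk weighting (CVSS multiplied by asset criticality) is constructed for illustration, and versions are assumed to be purely numeric dotted strings.

```python
# Added illustration: hosts, products, advisories and weights are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Advisory:
    ident: str            # placeholder id, not a real CVE
    product: str
    introduced: str       # first affected version
    fixed: str            # first version containing the fix
    cvss: float           # CVSS base score, 0.0-10.0
    exploit_public: bool

FEED = [
    Advisory("EXAMPLE-0001", "webd", "2.0", "2.10.3", 9.8, True),
    Advisory("EXAMPLE-0002", "sshlib", "1.0", "1.9", 7.5, False),
    Advisory("EXAMPLE-0003", "dbsrv", "5.0", "5.7.2", 8.1, False),
]

# (host, product, fingerprinted version or None, asset criticality 1-3)
INVENTORY = [
    ("web01", "webd", "2.9.7", 3),
    ("web02", "webd", "2.10.3", 3),   # already on the fixed release
    ("jump01", "sshlib", "1.10", 2),  # newer than 1.9, although "1.10" < "1.9" as text
    ("db01", "dbsrv", None, 3),       # service seen, version not fingerprinted
    ("dev01", "sshlib", "1.8.4", 1),
]

def vkey(version):
    """Dotted version -> tuple of ints, so 1.10 sorts after 1.9."""
    return tuple(int(part) for part in version.split("."))

def scan(inventory, feed):
    findings = []
    for host, product, version, criticality in inventory:
        for adv in (a for a in feed if a.product == product):
            if version is None:
                status = "probable"   # cannot rule the advisory in or out
            elif vkey(adv.introduced) <= vkey(version) < vkey(adv.fixed):
                status = "confirmed"
            else:
                continue
            findings.append({"host": host, "id": adv.ident, "status": status,
                             "exploit": adv.exploit_public,
                             "risk": round(adv.cvss * criticality, 1)})
    # Public exploit first, then CVSS weighted by asset criticality.
    return sorted(findings, key=lambda f: (f["exploit"], f["risk"]), reverse=True)

if __name__ == "__main__":
    for finding in scan(INVENTORY, FEED):
        print(finding)
```

Comparing versions as plain strings would report jump01 as vulnerable, which is why the numeric comparison matters for avoiding false positives.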
DFIR Platform
Exposure Scanner
The DFIR Lab Exposure Scanner identifies known CVEs associated with services and software versions discovered across a target's attack surface. By aggregating data from multiple intelligence providers, it surfaces vulnerable components without requiring authenticated access to target systems.