Products Overview Attack Surface Management Automated Security Testing Exploit Intelligence
Platform How It Works AI at CyCognito Pricing
 
Demo of the CyCognito Platform

See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. More...

Real World Solutions Assess Your Security Effectiveness Evaluate Merger & Acquisition Risk Manage Your Attack Surface
  Monitor Subsidiary Risk Prioritize & Eliminate Attack Vectors Scale Your Pen Testing Simplify Compliance Initiatives
 
State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. More...

Meet Our Customers Customer Overview Customer Testimonials Customer Videos
Customer Stories Berlitz Asklepios Ströer Human API Scientific Games
Current Customers Customer Support Customer Login Knowledge Base
The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...

Company About Us Leadership Team Careers Privacy and Trust Contact Us
News Latest News Press Releases Media Coverage Events Awards
Partners Partner Program Resellers, MSPs & Systems Integrators Technology Alliance Partners
  Partner Training Sales Training Technical Bootcamps Become a Partner Partner Login
 
Resources What's New Research Reports White Papers + eBooks Solution Briefs Datasheets
  Webinars Videos Blog Glossary Security & Compliance
Learning Center API Security Application Security Attack Surface DRPS
  Exposure Management Vulnerability Assessment Vulnerability Management
EASM 101 External Attack Surface Management Attack Surface Management Attack Surface Discovery Attack Surface Protection Attack Surface Reduction
Cybersecurity Glossary

Vulnerability Scanners

A vulnerability scanner is a tool that inspects applications, systems, networks, and software for potential vulnerabilities and compares details about the assets encountered to a database of information about known security holes in those assets that may involve services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts.

Vulnerability scanners only discover vulnerabilities in those assets and resources they are directed to scan. This leaves assets that they do not scan, which often includes cloud-based deployments, workloads running in the cloud, resources operated or maintained by third parties, partners, subsidiaries or suppliers open to exploitation. These are the security gaps that attackers are constantly on the lookout for. The relative proportion of what vulnerability scanners can reveal, compared to what they cannot know, can render these tools a form of security theater.

See Also