Vulnerability scanner definition
Vulnerability scanners are automated tools that allow organizations to check if their networks, systems and applications have security weaknesses that could expose them to attacks. Vulnerability scanning is a common practice across enterprise networks and is often mandated by industry standards and government regulations to improve the organization’s security posture.
There are many tools and products in the vulnerability scanning space that cover different types of assets and offer additional features that help companies implement a complete vulnerability management program — the combined processes related to identifying, classifying and mitigating vulnerabilities.
External and internal vulnerability scans
Vulnerability scans can be performed from outside or inside the network or the network segment that’s being evaluated. Organizations can run external scans from outside their network perimeter to determine the exposure to attacks of servers and applications that are accessible directly from the internet. Meanwhile, internal vulnerability scans aim to identify flaws that hackers could exploit to move laterally to different systems and servers if they gain access to the local network.