Cybersecurity Glossary

Passive Scanning

Passive scanning is a reconnaissance workflow that typically does not involve direct interaction with a digital asset, for example parsing open-source intelligence (OSINT) such as DNS enumeration or Google searches.

Passive scanning may also include singular direct interaction with a digital asset through tool categories like open-source network mappers or port scanners to gather running service software versions. Passive scanning can build a basic, but unvalidated list of the externally exposed assets and alert on the possible presence of common vulnerabilities and exposures (CVE). Also see "Active Testing".

See Also
Resources Solution Briefs
Active Testing vs. Passive Scanning to Detect Attack Surface Risk

Learn about the approaches, the challenges, the benefits, and how you can achieve continuous and comprehensive security testing across all of your external assets.

Resources Datasheets
Active Security Testing

Continuous active security testing across the entire external attack surface is essential for organizations to reduce risk.

CyCognito Report

State of External Exposure Management, 2024 Edition

State of External Exposure Management Report

Critical vulnerabilities often hide in plain sight—especially in your web servers.

The report is a must-read for understanding today’s external risks and how to prioritize them effectively. Download the report to stay ahead of emerging threats and strengthen your security posture for 2025.

Get the Report