Skip to main content
Glossary Definition

Vulnerability Scanners


Vulnerability Scanners

A vulnerability scanner is a tool that inspects applications, systems, networks, and software for potential vulnerabilities and compares details about the assets encountered to a database of information about known security holes in those assets that may involve services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts.

Vulnerability scanners only discover vulnerabilities in those assets and resources they are directed to scan. This leaves assets that they do not scan, which often includes cloud-based deployments, workloads running in the cloud, resources operated or maintained by third parties, partners, subsidiaries or suppliers open to exploitation. These are the security gaps that attackers are constantly on the lookout for. The relative proportion of what vulnerability scanners can reveal, compared to what they cannot know, can render these tools a form of security theater.

Read More Glossary Terms