Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerability Assessment Scanner

 
 





VA Checklist



Click to Enlarge

The downside to a passive approach is that quiet servers or clients aren't detectable. In this case, a passive vulnerability system can become the equivalent of an IDS, indicating a vulnerability only as it's exploited instead of helping to prevent it. Therefore, it's unlikely that active VA tools will be totally replaced by passive systems. Both passive and active VA products can--and should--co-exist in any thorough security program.

Use It Well

The effectiveness of vulnerability data lies in how it is used. One application could be making an IDS more intelligent. Having an automated system to tie together information about each scanned system's vulnerabilities, along with the specific attacks it receives, results in a dramatic decrease in IDS false positives.

  • 1