What is a Security Scan?
A security scan is an automated process that examines elements of a network, application or device for security flaws. Security scanning should be carried out regularly to ensure information remains secure.
Both network security scans and web application security scans can be run with a security scanner such as Acunetix. A network security scan run with the Online Vulnerability Scanner, which is currently being offered for free on a trial basis, would perform the following:
- Scan and audit your internet-facing servers for over 35,000 vulnerabilities, identifying system and network weaknesses.
- Identify vulnerable versions of applications and ensure that servers are not running any illegitimate services, such as Trojans.
- Use various techniques, such as OS fingerprinting, to discover the information that the systems are leaking.
- Ensure that all the organisation’s services, including FTP and mail, do not suffer from Heartbleed, POODLE or Shellshock.
Another level of security scanning is a web application vulnerability scan, which checks web applications for any vulnerabilities that would allow a hacker to gain access, thereby risking data theft, defacement and loss of customer trust. There are many different types of vulnerabilities, but some of the most common ones are SQL injection and Cross-Site Scripting, of which there are many variants. A security scanner such as Acunetix Web Vulnerability Scanner does the following:
- Crawls thousands of pages without interruption, at lightning speed.
- Tests in depth for SQL injection and Cross-Site Scripting (XSS), as the most thorough scanner for these vulnerabilities.
- Uses Acunetix AcuSensor Technology, which allows accurate scanning with low false positives by combining black box scanning techniques with feedback from its sensors placed inside the source code.
- Provides a Login Sequence Recorder to make testing of password-protected areas quick and easy.
- Includes Acunetix DeepScan, which can interpret SOAP, XML, AJAX and JSON.
The final level of security scanning is a system scan of an individual device (i.e. your PC), which would find malware, Trojans, keystroke loggers and anything else harmful to your machine.