Vulnerability scanning involves the automated or manual assessment of systems, applications, and networks to identify misconfigurations, unpatched software, or other security weaknesses. The process helps prioritize remediation efforts by classifying vulnerabilities based on risk and impact, reducing the likelihood of exploitation by adversaries. This mitigation can be implemented through the following measures:
Proactive Identification of Vulnerabilities
Cloud Environment Scanning
Network Device Scanning
Web Application Scanning
Prioritizing Vulnerabilities
Tools for Implementation
Open Source Tools:
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1190 | Exploit Public-Facing Application |
Regularly scan externally facing systems for vulnerabilities and establish procedures to rapidly patch systems when critical vulnerabilities are discovered through scanning and through public disclosure.[1] |
|
Enterprise | T1210 | Exploitation of Remote Services |
Regularly scan the internal network for available services to identify new and potentially vulnerable services. |
|
Enterprise | T1195 | Supply Chain Compromise |
Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.[1] |
|
.001 | Compromise Software Dependencies and Development Tools |
Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.[1] |
||
.002 | Compromise Software Supply Chain |
Continuous monitoring of vulnerability sources and the use of automatic and manual code review tools should also be implemented as well.[1] |