VulnerabilityScanner

Purpose

A VulnerabilityScanner object is used to represent a piece of equipment or tool used to scan hosts in a network for vulnerabilities, unknown services and similar anomalies. It also reports if a certain host is not patched as it should.

Connections

VulnerabilityScanner and Neighboring Objects
VulnerabilityScanner and Neighboring Objects

 

ObjectConnectionDescriptionFunction
HostAuthenticated ScanThe VulnerabilityScanner is monitoring the Host and has access to login credentials.A missing vulnerability scanner increases the risk of FindUnknownService on the Host.
HostExcluded From ScanIf the VulnerabilityScanner is monitoring all Hosts in a Network zone (denoted by it being connected to the Network), Hosts having the Excluded From Scan connection are not monitored.A missing vulnerability scanner increases the risk of FindUnknownService on the Host.
HostUnauthenticated ScanThe VulnerabilityScanner is monitoring the Host but has no login credentials and will have to do with an "external scan".A missing vulnerability scanner increases the risk of FindUnknownService on the Host.
NetworkAuthenticated ScanThe VulnerabilityScanner is monitoring all Hosts connected to the Network. It has access to login credentials.A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network.
NetworkUnauthenticated ScanThe VulnerabilityScanner is monitoring all Hosts connected to the Network. It has no login credentials and will have to do with an "external scan".A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network.

Attack Steps and Defenses

Attack Steps and Defenses
Attack Steps and Defenses

 

Attack StepDescription
NoneThere are no attack steps associated with the VulnerabilityScanner object.

 

DefenseDescriptionImpactDefault
EnabledThis defense concerns whether the Vulnerability Scanner is functioning and performing scans as expected.A disabled Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitFor PublicPatchableVulnerability on Hosts on the Network.On