scanning on an
attack surface

Author: Lauren McMenemy

Spare a thought for security teams: they're dealing with a security vulnerability battlefield that's continually changing and constantly intensifying. And as remote working becomes more prevalent, the battlefield gets bigger and more difficult to contain.

Technology has made our lives easier in many ways, but it's also created new fronts on which to fight cyber attacks. As mobility and the Internet of Things grow in our homes and offices and data needs to reach more devices in more places, the potential surface for security attacks grows and new security vulnerabilities are revealed. Protecting everyone and everything is no small feat.

However, what technology also brings to the table is data—lots and lots of data. By analyzing that data, it's possible to understand your company's security posture and protect your business from its most dire threats.

As security threats change, so must the methods businesses use to identify and protect themselves. A vulnerability scanner can detect these weaknesses and bring them to the security team's attention—and might suggest the best way to resolve the issues.

Common vulnerabilities

Let's back up. What is a security vulnerability? Simply put, it's a flaw or weakness in a system or network that attackers could exploit to cause damage or manipulate the system for personal or criminal means.

A security vulnerability is slightly different from a cyber threat. A threat is a malicious or otherwise harmful action an external or internal actor could take; vulnerabilities are harmless until they are exploited by a threat actor. Cyber criminals will look for and exploit vulnerabilities to their advantage, but they don't necessarily cause the vulnerability in the first place.

There are four main types of security vulnerability:

  • Network vulnerabilities, such as poorly configured access points or firewalls
  • Operating system vulnerabilities, such as default superuser accounts and hidden backdoor programs
  • Human vulnerabilities, including internal elements (such as accidental exposure of sensitive data) and user errors that accidentally create exploitable access points or disrupt the system
  • Process vulnerabilities, such as poor password protocols and a lack of specific process controls

Scanning the horizon for threats and security vulnerability

Managing vulnerabilities is a key responsibility for any IT security team—and it's a busy job. According to the Verizon 2020 Data Breach Investigations Report:

  • 70% of breaches were caused by outsiders, which means 30% of security vulnerabilities come from inside your organization
  • 86% of breaches were financially motivated
  • 43% of breaches were attacks on web applications, more than double last year

Traditionally, these security vulnerabilities were detected using a computer program known as a vulnerability scanner, which assesses networks, assets and applications for known weaknesses. The traditional scanner plays an important role in catching common vulnerabilities and exposures if it's used frequently, and it can take the form of a network-based, host-based, wireless, application or database scanner.

Scanners started as a tool to detect vulnerabilities that arose from misconfigurations or flawed programming in a network-based asset, such as a firewall, router or server, but they've evolved as artificial intelligence and machine learning have helped to automate scans and make them more sophisticated. Vulnerability scanning is not the same as penetration testing; the latter identifies weaknesses in exploitable system configurations, organizational processes or practices.

Today, vulnerability scanners scan company infrastructures to detect vulnerabilities using authenticated scans, or those that directly access network-based assets; and unauthenticated scans, which threat actors and security analysts use to determine the security posture of externally accessible assets. Vulnerability scanners look for weaknesses in the environment and insights into degrees of risk from each vulnerability, then provide recommendations on mitigating those risks.

Looking beyond the cyber security horizon

The number of threats and vulnerabilities has exploded in recent years. Anyone scanning the digital horizons needs to be constantly vigilant and ready to patch and protect as necessary. As technology evolves and the attack surface expands, security experts need to be everywhere at once—and that's just not humanly possible.

Automated tools and software programs such as vulnerability scanners can help bolster security teams and alert them when things might go awry. The advance notice, coupled with the scanner's recommendations on mitigating the risk and securing the vulnerability, can help companies rebound from attacks without any delay in safe operation.

But it's a big job, and the threat landscape is always expanding and changing. Sometimes a company just doesn't have the resources to keep up with every vulnerability out there. If you don't, working with an independent third party to conduct vulnerability scanning, analyze the data and make recommendations for protection can help free up those internal resources to focus on the fixes.

Businesses must identify potential vulnerabilities and be proactive in assessing cyber threats and addressing any security gaps.

See how Verizon Business's security products can help protect your business as the threat landscape evolves.