NetAlly Network Testing Solutions

Tech Tips

Topics

Resources

•  EtherScope nXG
•  AirCheck G3

Subscribe to Tech Tips

Checklist for lessening the risks associated with active vulnerability scanning

Passive and active vulnerability scans allow organizations to identify weaknesses in their network. Active vulnerability scanning provides a more complete picture of network vulnerabilities but runs the risk of disrupting network operations.

The challenge is to maximize your ability to detect network vulnerabilities while minimizing the risks associated with running active vulnerability scans. Best practices that will help lessen these risks include:

  • Run active vulnerability scans on specific network or computer domains, for example, a branch location or a range of IP addresses. This limits any potential negative impact on the enterprise network.
  • Only select Nmap scripts1 that clearly define how the script determines there is a vulnerability and the likelihood of false positives. CyberScope provides several predefined Nmap tests that identify common network vulnerabilities. You can also download Nmap scripts from publicly available repositories such as GitHub.
  • Define when and how often you will run the Nmap scripts. For example, running scripts outside of regular business hours will minimize the impact on business-critical systems, or running scripts at discrete intervals may prevent IDS/IPS from detecting the scans.  
  • Standardize your active vulnerability scans. CyberScope’s AutoTest feature allows you to create a profile for running a customized suite of tests. This feature enables you to run active vulnerability scans consistently and predictably within your organization.  

1Nmap is an open-source tool that uses active scanning to collect information about the network.

Author Bio –
Wireless & Cyber Security Expert

Dr. Avril Salter is an author and acclaimed public speaker with over 20 years of in-depth technical and executive experience working in wireless and network security. She holds senior business and technical architect positions with a history of success in setting direction in major corporations and start-ups. She has an exceptional breadth of technical expertise in wireless standards and network security protocols and is a strategic thinker with a solid understanding of the IT and telecommunications industries.