VulnerabilityScanner

Purpose

A VulnerabilityScanner object is used to represent a piece of equipment or tool used to scan hosts in a network for vulnerabilities, unknown services and similar anomalies. It also reports if a certain host is not patched as it should.

Connections

Object

Connection

Description

Function

Host

Authenticated Scan

The VulnerabilityScanner is monitoring the Host and has access to login credentials.

A missing vulnerability scanner increases the risk of FindUnknownService on the Host.

Host

Excluded From Scan

If the VulnerabilityScanner is monitoring all Hosts in a Network zone (denoted by it being connected to the Network), Hosts having the Excluded From Scan connection are not monitored.

A missing vulnerability scanner increases the risk of FindUnknownService on the Host.

Host

Unauthenticated Scan

The VulnerabilityScanner is monitoring the Host but has no login credentials and will have to do with an "external scan".

A missing vulnerability scanner increases the risk of FindUnknownService on the Host.

Network

Authenticated Scan

The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has access to login credentials.

A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network.

Network

Unauthenticated Scan

The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has no login credentials and will have to do with an "external scan".

A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network.

Attack Steps and Defenses

Attack Step

Description

None

There are no attack steps associated with the VulnerabilityScanner object.

Defense

Description

Impact

Default

Enabled

This defense concerns whether the Vulnerability Scanner is functioning and performing scans as expected.

A disabled Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitFor PublicPatchableVulnerability on Hosts on the Network.

On


What’s Next