nullmethod Greg Ose

Scanning Reality - Limits of Automated Vulnerability Scanners

This article published in Dark Reading details the commonly overlooked limitations of automated vulnerability scanners and the assumptions that could lead to security fail.


Automated security scanning products are at the core of most vulnerability management programs. Many security teams, in fact, will use more than one scanner to validate what each finds and get the broadest possible coverage to expose weaknesses in their computing environments. However, although these scanners are important security tools, they have significant limitations, and organizations that rely exclusively on them will be exposed to potentially high levels of risk. In this report, we will present three key areas in which automated vulnerability scanners fall short and the steps you can take to address security issues that are not identified by these tools.

More Info