Security assessment systems, also known as security scanners or vulnerability scanners, perform a comprehensive investigation of the resources under control in order to detect vulnerabilities that might result in security policy violations. The results produced by security scanners represent snapshots of the system state for a specified time period. Although these systems cannot detect an attack as it starts and evolves, they can detect the potential danger of attack attempts.
Security scanners can be classified by the types of vulnerabilities they detect (Fig. 6.3). These vulnerabilities were described in Chapter 2.
Fig. 6.3. Classification of security scanners by the type of vulnerability detected