How VA Tools Work?

Vulnerability Assessment tools assist us in finding weaknesses in a system before they can be exploited. A Vulnerability Assessment tool takes the following steps in determining vulnerabilities:

• Discovering – Sends ICMP requests and probes ports to see if the system is up and running, additionally checks if the system is behind a firewall or a filtering device
• Port Mapping – Probes UDP and TCP ports to see which ports are open and accepting connections
• OS fingerprinting – Detects what OS is running on the target system
• Service Mapping – Sends different probes to see which services are running on open ports
• Vulnerability Mapping – Based on the identified services, it tries to find out the vulnerabilities associated with them

There are many Vulnerability Assessment tools available — NeXpose, Nessus and QualysGuard being the few which scan the whole infrastructure including web applications. While, there are some dedicated tools for only web application scanning (dynamic analysis) like AppScan Standard, WebInspect, Burp Suite and Acunetix. Similarly, there are dedicated tools for automated source code review (static analysis) like AppScan Source, Fortify and Veracode.

Alongside finding weaknesses, Vulnerability Assessment tools also provide remediation techniques for eradicating or patching the weakness.