Here are some guidelines you can follow when scanning for vulnerabilities:

  • When scanning for vulnerabilities, use an actual vulnerability scanner rather than a generic port scanner.
  • If you are scanning for compliance, involve your legal team.
  • If possible, use credentialed scans to probe further into your target.
  • When scanning different device or application types, use tools that are specifically designed for your target type.
  • Scan firewalls to see which ports are permitted. If necessary, use specially crafted packets to elicit additional information from the firewall.
  • Use tactics such as encryption, trusted ports, or slow speeds to evade packet inspection.
  • Scan wireless access points to determine security settings and encryption protocols.
  • Educate yourself on identifying and mitigating container security risks.
  • Keep in mind that most vulnerability scanning can only identify known security weaknesses.
  • Do not depend on any one vulnerability scanner to discover all of your vulnerabilities.
  • Keep in mind that vulnerability scanners often produce false positives. Be sure to validate your scan results with an exploit tool such as Metasploit.
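
One way to act on the last two guidelines, shown as an added example that is not part of the original page: merge the findings of two scanners and queue anything only one of them reported for validation first. The scanner names, the record layout, the `VULN-EXAMPLE` ids and the sample findings are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample findings. Scanner names, the record layout and the
# VULN-EXAMPLE ids are assumptions, not any real product's export format.
REPORTS = {
    "scanner_a": [
        {"host": "192.0.2.10", "port": 443, "id": "VULN-EXAMPLE-001", "credentialed": True},
        {"host": "192.0.2.10", "port": 22, "id": "VULN-EXAMPLE-002", "credentialed": True},
        {"host": "192.0.2.20", "port": 80, "id": "VULN-EXAMPLE-003", "credentialed": True},
    ],
    "scanner_b": [
        {"host": "192.0.2.10 ", "port": "443", "id": "vuln-example-001", "credentialed": False},
        {"host": "192.0.2.30", "port": 8080, "id": "VULN-EXAMPLE-004", "credentialed": False},
    ],
}

def normalize(finding):
    """Key a finding so the same issue from different scanners compares equal."""
    return (finding["host"].strip().lower(), int(finding["port"]),
            finding["id"].strip().upper())

def reconcile(reports):
    """Merge per-scanner findings and mark which ones only one scanner reported."""
    seen = defaultdict(lambda: {"scanners": set(), "credentialed": False})
    for scanner, findings in reports.items():
        for f in findings:
            rec = seen[normalize(f)]
            rec["scanners"].add(scanner)
            rec["credentialed"] |= bool(f.get("credentialed"))
    merged = []
    for key in sorted(seen):
        rec = seen[key]
        # A single-source finding is the likelier false positive, so it is
        # queued for validation first; corroborated ones still get validated.
        status = "corroborated" if len(rec["scanners"]) > 1 else "single-source"
        merged.append({"key": key, "scanners": sorted(rec["scanners"]),
                       "credentialed": rec["credentialed"], "status": status})
    return merged

def coverage_gaps(reports):
    """For each scanner, the findings it missed that another scanner reported."""
    keys = {s: {normalize(f) for f in fs} for s, fs in reports.items()}
    union = set().union(*keys.values())
    return {s: sorted(union - k) for s, k in keys.items()}

if __name__ == "__main__":
    for row in reconcile(REPORTS):
        print(row["status"], row["key"], row["scanners"])
    print(coverage_gaps(REPORTS))
```

The `coverage_gaps` output shows what each scanner would have missed on its own, which is the practical cost of relying on a single tool.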