Purpose
A VulnerabilityScanner object is used to represent a piece of equipment or tool used to scan hosts in a network for vulnerabilities, unknown services and similar anomalies. It also reports if a certain host is not patched as it should.
Connections
| Object | Connection | Description | Function |
|---|---|---|---|
| Host | Authenticated Scan | The VulnerabilityScanner is monitoring the Host and has access to login credentials. | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
| Host | Excluded From Scan | If the VulnerabilityScanner is monitoring all Hosts in a Network zone (denoted by it being connected to the Network), Hosts having the Excluded From Scan connection are not monitored. | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
| Host | Unauthenticated Scan | The VulnerabilityScanner is monitoring the Host but has no login credentials and will have to do with an "external scan". | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
| Network | Authenticated Scan | The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has access to login credentials. | A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network. |
| Network | Unauthenticated Scan | The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has no login credentials and will have to do with an "external scan". | A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network. |
Attack Steps and Defenses
| Attack Step | Description |
|---|---|
| None | There are no attack steps associated with the VulnerabilityScanner object. |
| Defense | Description | Impact | Default |
|---|---|---|---|
| Enabled | This defense concerns whether the Vulnerability Scanner is functioning and performing scans as expected. | A disabled Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitFor PublicPatchableVulnerability on Hosts on the Network. | On |