Purpose
A VulnerabilityScanner object is used to represent a piece of equipment or tool used to scan hosts in a network for vulnerabilities, unknown services and similar anomalies. It also reports if a certain host is not patched as it should.
Connections

Object | Connection | Description | Function |
---|---|---|---|
Host | Authenticated Scan | The VulnerabilityScanner is monitoring the Host and has access to login credentials. | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
Host | Excluded From Scan | If the VulnerabilityScanner is monitoring all Hosts in a Network zone (denoted by it being connected to the Network), Hosts having the Excluded From Scan connection are not monitored. | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
Host | Unauthenticated Scan | The VulnerabilityScanner is monitoring the Host but has no login credentials and will have to do with an "external scan". | A missing vulnerability scanner increases the risk of FindUnknownService on the Host. |
Network | Authenticated Scan | The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has access to login credentials. | A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network. |
Network | Unauthenticated Scan | The VulnerabilityScanner is monitoring all Hosts connected to the Network. It has no login credentials and will have to do with an "external scan". | A missing Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitForPublic PatchableVulnerability on Hosts on the Network. |
Attack Steps and Defenses

Attack Step | Description |
---|---|
None | There are no attack steps associated with the VulnerabilityScanner object. |
Defense | Description | Impact | Default |
---|---|---|---|
Enabled | This defense concerns whether the Vulnerability Scanner is functioning and performing scans as expected. | A disabled Vulnerability Scanner on the Network increases the risk of FindUnknownService and FindExploitFor PublicPatchableVulnerability on Hosts on the Network. | On |