WEBVTT

00:00.860 --> 00:08.840
Vulnerability scanning employs automated processes and applications to identify vulnerabilities in

00:08.840 --> 00:14.420
a network, system, operating system or application that may be exploitable.

00:14.450 --> 00:22.610
When performed correctly, a vulnerability scan can deliver an inventory of devices, known vulnerabilities that

00:22.610 --> 00:29.990
have been actively scanned for, and usually a confirmation of how compliant the devices are with various

00:29.990 --> 00:32.720
policies and regulations.

00:32.990 --> 00:36.950
Unfortunately, vulnerability scans are loud.

00:36.980 --> 00:44.960
They deliver multiple packets that are easily detected by most network controls and make stealth almost

00:44.960 --> 00:46.850
impossible to achieve.

00:46.880 --> 00:52.250
They also suffer from, for the most important part, vulnerability

00:52.250 --> 00:59.810
scanners are signature based, so they can only detect known vulnerabilities and only if there is an

00:59.810 --> 01:05.300
existing recognition signature that the scanner can apply to the target. To a penetration tester,

01:05.310 --> 01:13.200
the most effective scanners are open source, so they allow the tester to rapidly modify code to detect

01:13.230 --> 01:14.970
new vulnerabilities.

01:15.510 --> 01:23.070
And also scanners produce large volumes of output, frequently containing false positive results that

01:23.070 --> 01:25.120
can lead a tester astray.

01:25.140 --> 01:33.360
In particular, networks with different operating systems can produce false positives with a rate

01:33.360 --> 01:40.620
as high as 70%, and scanners may have a negative impact on the network.

01:40.650 --> 01:45.690
They can create network latency or cause the failure of some devices.

01:45.690 --> 01:55.800
So it's recommended to tweak the scan by removing denial-of-service-type plugins during initial scans.

01:55.800 --> 02:04.150
And in certain jurisdictions, scanning is considered hacking and may constitute an illegal act.

02:04.150 --> 02:12.040
And there are multiple commercial and open source products that perform vulnerability scans.
