A vulnerability is a security flaw that can be exploited by a threat actor to gain access or perform unauthorized activity within a system. Systems often keep network services running by default, even when they aren’t required for a particular server. These running, unmonitored services are a common means of external attack, as they may not be patched with the latest OS security updates. Vulnerability detection platforms provide scanning capabilities to look for known vulnerabilities which include software vulnerabilities and security misconfigurations. These scans result in a list of vulnerable systems, their specific vulnerabilities, and recommendations for the remediation of discovered vulnerabilities.
Broadscale vulnerability scans can reveal security holes that could be leveraged to access an entire enterprise network. They show data about open ports and IP addresses that can be used by malicious agents to gain entry to a particular system or entire network. In the Common Information Model, vulnerability scanning data is typically mapped to the Vulnerabilities data model.