Why Vulnerability Scans Matter


Hidden risks in your environment can lead to compromises such as downtime, theft, or worse.

Introduction – Outsider threats

There are many attack vectors businesses must consider when developing a cybersecurity program. We often think of bad actors residing in foreign countries attempting to break in through social engineering attacks such as phishing, or through traditional hacking such as scripts or exploits run against exposed services.

To combat these attacks, we use next-generation firewall services, security awareness and training campaigns, and various other malware and web browsing controls. These protections are vital to any organization’s cybersecurity program.

Perimeter defenses are necessary and serve their purpose well. However, they typically serve only that purpose, leaving organizations open to compromise when attacks originate elsewhere.

The Problem – Attacks from all angles

We can liken firewalls and perimeter defense to the castle walls, turrets, and moats of days gone by. The next logical analogy we should consider would be the ancient story of the entry (and destruction) of the city of Troy. We use the term ‘Trojan Horse’ in computing today to describe software disguising its true malicious intent.

Organizations that understand attacks can originate from within as well as externally are better able to prepare for them and reduce their impact.

Relevant Facts

Businesses interested in cybersecurity should consider reviewing the Verizon Data Breach Investigations Report. It contains insights, trends, and analysis from over 53,000 incidents and 2,216 confirmed data breaches provided by some of the largest security organizations in the world.

Among the data points of interest, 28% of breaches involved internal actors. The top internal actors were system admins, end-users, doctors or nurses, developers, managers, executives, cashiers, finance, and HR. Curiously, healthcare was the only industry vertical with more internal actors behind breaches than external.

The case for Continuous Vulnerability Scanning and Remediation

Knowing that internal actors have been responsible for real-world breaches, organizations should take proactive action to reduce the opportunity for such acts to occur.

Unless strict rules and segmentation are explicitly applied, any user with a network logon can access nearly any system running on a computer network. Many resources are password protected, but flaws often exist that require no credentials to exploit.

Free tools exist that allow attackers to scan and identify systems. Lists detailing known exploits are also freely published online. By correlating discovered operating systems and applications with known exploits, attackers can execute compromises of confidentiality, integrity, and availability.

A vulnerability scan using industry standard tools provides a way to quickly identify various network devices, operating systems, applications, and any known flaws inherent to version, patch level, configuration, firmware status, and others. A detailed report showing instances of particular vulnerabilities, impacted systems, and remediation steps is provided. These vulnerabilities can then be addressed to ensure that attackers are unable to exploit them.

Some examples of critical flaws that we commonly see are:

Intel Management Engine Insecure Read / Write Operations RCE

Computers installed within the last several years typically have this flaw if they have not received timely firmware updates. This flaw may allow remote code execution.

HP iLO 4 <= 2.52 RCE

Certain HP servers that have not had their firmware maintained typically have this flaw. This flaw allows complete compromise of the server console (shut down the server, reboot, edit BIOS configuration, etc.).

Microsoft XML Parser (MSXML) and XML Core Services Unsupported

On Microsoft Windows client and server operating systems, applications may have installed or required various versions of the Microsoft XML parser. Applications may not clean up legacy files, leaving them behind and available to the operating system. The legacy files no longer receive patches from Microsoft and may contain security vulnerabilities.
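
The version-matching step that a scan performs can be sketched as follows. This is an added example, not Compudyne's tooling or any scanner's own code: the inventory, hostnames and helper names are constructed, and the only rule is the "HP iLO 4 <= 2.52" finding named above.

```python
"""Match an asset inventory against a version-based finding (defensive triage)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    product: str          # product name, lower-case
    max_affected: tuple   # versions <= this are flagged

# The only rule taken from the article: "HP iLO 4 <= 2.52 RCE".
RULES = [Rule("HP iLO 4 <= 2.52 RCE", "hp ilo 4", (2, 52))]

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    {"host": "srv-db01-ilo", "product": "HP iLO 4", "version": "2.50"},
    {"host": "srv-app02-ilo", "product": "HP iLO 4", "version": "2.52"},
    {"host": "srv-web03-ilo", "product": "HP iLO 4", "version": "2.70"},
    {"host": "srv-old04-ilo", "product": "HP iLO 4", "version": "unknown"},
    {"host": "sw-core01", "product": "Example Switch OS", "version": "1.0"},
]

def parse_version(text):
    """Return a tuple of ints, or None if the string is not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(inventory, rules=RULES):
    """Return (host, rule name, status) for each asset a rule applies to."""
    findings = []
    for asset in inventory:
        for rule in rules:
            if asset["product"].strip().lower() != rule.product:
                continue
            version = parse_version(asset["version"])
            if version is None:
                # Unknown version cannot be cleared: surface it for a manual check.
                status = "unverified"
            elif version <= rule.max_affected:
                # Tuple comparison avoids string-ordering mistakes on versions.
                status = "vulnerable"
            else:
                status = "ok"
            findings.append((asset["host"], rule.name, status))
    return findings

if __name__ == "__main__":
    for host, rule, status in triage(INVENTORY):
        print(f"{host:15} {status:11} {rule}")
```

Assets whose version cannot be read are reported as unverified rather than silently passed, since a missing version string is itself something to remediate.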

In Summary

The examples above are only three of many thousands of hidden risks waiting to be exploited. Considering the continued explosion of connected devices, the potential for exploits rises exponentially in kind.

At Compudyne, we continually advise the use of as many defensive layers as possible. Risk and budget play a role in determining how comprehensive any security program can be; however, continuous vulnerability scanning and remediation sits high on the list for prioritization.

Compudyne offers vulnerability scanning and remediation services using industry standard tools. Contact us today to learn more about improving your cybersecurity program.

