Abstract
Vulnerability scanners are automated tools that define, identify, and classify security holes (vulnerabilities) in a computer, server, network, or communications infrastructure. Scanners discover missed patches on target systems and report related vulnerabilities. Many of the current information security systems use vulnerability scanners as the main part in the risk assessment process. Others depend on the scanners output in the systems patch management. This paper assesses the effectiveness of depending on vulnerability scanners in the information security management system. It compares between four of the leading vulnerability scanners in the market and carries out a study of their effectiveness in detecting missed patches.
The results show the severity of relying on vulnerability scanners to discover system patches status. A number of false positive and false negative detections for the system patches are reported by each of the tested scanners. The severe level for some of the unreported missed patches ranked as critical that puts the system in a high risk and makes it vulnerable for different attacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Microsoft Corporation: Microsoft Security Update Guide. 2nd edn. (June 2011)
Nist, Aroms, E.: NIST Special Publication 800-115 Technical Guide to Information Security Testing and Assessment. CreateSpace, Paramount, CA (2012)
Danforth, M.: Scalable patch management using evolutionary analysis of attack graphs. In: Proceedings of the 2008 Seventh International Conference on Machine Learning and Applications, ICMLA 2008, pp. 300–307. IEEE Computer Society, Washington, DC (2008)
Souppaya, M., Scarfone, K.: Guide to enterprise patch management technologies. National Institute of Standards and Technology, NIST SP 800-40 (September 2012)
Yang, G., Chen, D., Xu, J., Zhu, Z.: Research of intrusion detection system based on vulnerability scanner. In: 2010 2nd International Conference on Advanced Computer Control, ICACC, pp. 173–176 (2010)
Kavanagh, K.: Marketscope for vulnerability assessment. Gartner, Inc. (August 2011) G00230435
Kavanagh, K., Nicolett, M.: Marketscope for vulnerability assessment. Gartner, Inc. (April 2011) G00211846
Nilsson, J., Virta, V.: Vulnerability scanners. Royal Institute of Technology, Stockholm (2006)
Wack, J., Tracy, M., Souppaya, M.: Guideline on network security testing. National Institute of Standards and Technology, NIST SP 800-42 (October 2003)
Beale, J., Deraison, R., Meer, H., Temmingh, R., Walt, C.V.D.: Nessus Network Auditing. Syngress Publishing (2004)
Microsoft: Microsoft baseline security analyzer v2.2 (July 2010), http://microsoft.com/en-us/download/details.aspx?id=7558
McAfee: Mcafee vulnerability manager v7.5 (December 2012), http://www.mcafee.com
BeyondTrust: Retina network security scanner v5.18 (2012), http://beyondtrust.com
Rapid7: Nexpose vulnerability management v5.5.12 (2012), http://www.rapid7.com
Tenable: Nessus vulnerability scanner v5.0.2 (February 2012), http://www.tenable.com
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Badawy, M.A., El-Fishawy, N., Elshakankiry, O. (2013). Vulnerability Scanners Capabilities for Detecting Windows Missed Patches: Comparative Study. In: Awad, A.I., Hassanien, A.E., Baba, K. (eds) Advances in Security of Information and Communication Networks. SecNet 2013. Communications in Computer and Information Science, vol 381. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40597-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-40597-6_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40596-9
Online ISBN: 978-3-642-40597-6
eBook Packages: Computer ScienceComputer Science (R0)