Vulnerability scans are often the first step in a penetration test. They are also an excellent way to validate that system patching is working. A vulnerability scan is an automated process that uses standard tools to identify potential vulnerabilities in networks or applications. These tools identify OS and application versions that are out of date, encryption types that may be vulnerable, devices active on a network, and open ports and services on an external network.
