The Need for Network Vulnerability Scanning
Network vulnerabilities don’t make it to news headlines as often as other security issues such as malware, phishing, ransomware, or web vulnerabilities. However, it’s the network security issues and misconfigurations that often let the attackers take the first steps when they compromise systems.
- Open ports and exposed services such as FTP, SSH, database servers, etc. are one of the most common configuration issues that lead to major data breaches, especially if coupled with weak passwords. For example, most recent major data breaches happened because businesses exposed their database servers such as Elasticsearch to the public.
- A network vulnerability scanner also helps you discover the lack of security patches for your network devices, web servers, or operating systems. Missing patches or late patching may expose your infrastructure to dangerous attacks, both in the case of Windows and Linux.
- You can use your network scanner to find many other network security issues. For example, you can check whether you are using secure SSL/TLS ciphers.
Harnessing the Power of the OpenVAS Vulnerability Scanner
One of the most established and best network security scanners in the world is an open-source tool – OpenVAS. Its roots go back all the way to 1998 to the open-source Nessus project started by Renaud Deraison. Acunetix closely integrates with OpenVAS, making it even easier to use.
- Acunetix treats vulnerabilities discovered by the OpenVAS engine and by the Acunetix engine the same way. It means that after you run a scan, you have a common list of web and network vulnerabilities that you can manage and remediate.
- Acunetix is a vulnerability assessment tool and a vulnerability management tool, and when integrated with OpenVAS it becomes network security assessment software. Just like in the case of web vulnerabilities, you can prioritize and manage your network vulnerabilities along with web vulnerabilities to proceed with further penetration testing or remediation.
- You can manage all the vulnerabilities discovered by Acunetix using an external issue tracker, for example, Jira, Microsoft TFS, GitHub, GitLab, Bugzilla, or Mantis. This also includes network vulnerabilities. Therefore, Acunetix effectively and uniquely enables simple integration between OpenVAS and issue trackers.
Easy Network Vulnerability Management Integration
The OpenVAS integration in Acunetix is not only powerful but most important of all, it’s easy. You don’t have to create custom scripts or learn the Acunetix API, you only need to use the Acunetix user interface.
- The online (cloud) version of Acunetix is already integrated with OpenVAS so you don’t have to do anything. Immediately after you log in to Acunetix Online for the first time, you can start running network scans for your external network services.
- To secure your internal network, you can install Acunetix and OpenVAS on your premises and integrate them using a few easy steps in the Acunetix user interface. This way, you will be able to scan also those network services that are not available from the outside but still may be subject to internal threats.
- Thanks to Acunetix, you can also use OpenVAS to scan your virtual environments in the SDLC. By integrating Acunetix web and network scanning into CI/CD pipelines, you can check if your virtual machines are not misconfigured. Network issues in development may lead to similar issues in production environments.