Vulnerability Scanners Capabilities for Detecting Windows Missed Patches: Comparative Study
Vulnerability scanners are automated tools that define, identify, and classify security holes (vulnerabilities) in a computer, server, network, or communications infrastructure. Scanners discover missing patches on target systems and report the vulnerabilities associated with them. Many current information security management systems use vulnerability scanners as the core of the risk assessment process; others rely on scanner output to drive patch management. This paper assesses the effectiveness of depending on vulnerability scanners in an information security management system. It compares four of the leading vulnerability scanners on the market and studies their effectiveness in detecting missing patches.
The results show the risk of relying on vulnerability scanners alone to determine a system's patch status. Each of the tested scanners produced both false positive and false negative detections for system patches. Some of the missing patches that went unreported are rated critical, which leaves the system at high risk and exposed to a range of attacks.
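The comparison the abstract describes comes down to reconciling what a scanner reports as missing against what the host itself says is installed, then classifying each finding as a true positive, a false positive, or a false negative. The script below is an added example, not code from the paper: it takes a constructed export in the shape of a `Get-HotFix` CSV, a constructed scanner finding export, a constructed list of applicable updates with vendor severity ratings, and a constructed supersedence map (all KB identifiers are hypothetical placeholders, not real Microsoft bulletins). The supersedence step is an assumption about one common cause of scanner false positives (an older update flagged as missing although a newer update that replaces it is installed); the paper does not attribute its false positives to any particular cause.

```python
import csv
import io

# Constructed inventory of updates applicable to the scanned build (hypothetical
# KB ids, not real Microsoft bulletins), with the vendor's severity rating for each.
APPLICABLE_SEVERITY = {
    "KB1000001": "Important",
    "KB1000002": "Moderate",
    "KB1000003": "Important",
    "KB1000004": "Critical",
    "KB1000005": "Critical",
}

# Constructed supersedence map (assumption): newer update -> older updates it replaces.
SUPERSEDES = {"KB1000004": {"KB1000001"}}

# Constructed host inventory in the shape of a `Get-HotFix | Export-Csv` export
# (columns trimmed to the two used here).
HOTFIX_CSV = """HotFixID,InstalledOn
KB1000002,2012-10-09
KB1000004,2012-11-13
"""

# Constructed scanner export: one row per "missing patch" finding for the host.
SCANNER_CSV = """Host,KB,Severity
10.0.0.5,KB1000001,Important
10.0.0.5,KB1000003,Important
"""


def parse_column(text, column):
    """Return the set of non-empty values found in `column` of a CSV export."""
    rows = csv.DictReader(io.StringIO(text))
    return {row[column].strip() for row in rows if row.get(column, "").strip()}


def effective_installed(installed, supersedes):
    """Expand the installed set with every update that an installed update
    supersedes, following the supersedence map transitively."""
    result = set(installed)
    frontier = list(installed)
    while frontier:
        kb = frontier.pop()
        for older in supersedes.get(kb, ()):
            if older not in result:
                result.add(older)
                frontier.append(older)
    return result


def reconcile(applicable, installed, reported_missing, supersedes):
    """Classify scanner findings against the host's own patch state.

    true_positive:  reported missing and actually missing
    false_positive: reported missing but installed (directly or by supersedence)
    false_negative: actually missing but not reported by the scanner
    """
    truly_missing = set(applicable) - effective_installed(installed, supersedes)
    reported = set(reported_missing)
    return {
        "true_positive": sorted(reported & truly_missing),
        "false_positive": sorted(reported - truly_missing),
        "false_negative": sorted(truly_missing - reported),
    }


def unreported_critical(result, severity):
    """False negatives whose vendor rating is Critical: the case the study flags
    as leaving the host exposed without any scanner alert."""
    return sorted(kb for kb in result["false_negative"]
                  if severity.get(kb) == "Critical")


def run_example():
    """Reconcile the constructed exports above and return the classification."""
    installed = parse_column(HOTFIX_CSV, "HotFixID")
    reported = parse_column(SCANNER_CSV, "KB")
    result = reconcile(APPLICABLE_SEVERITY, installed, reported, SUPERSEDES)
    result["unreported_critical"] = unreported_critical(result, APPLICABLE_SEVERITY)
    return result


if __name__ == "__main__":
    for label, kbs in run_example().items():
        print(f"{label}: {', '.join(kbs) or '-'}")
```

On the constructed data the scanner gets one finding right (KB1000003), flags KB1000001 even though the superseding KB1000004 is installed (a false positive), and says nothing about KB1000005, a Critical update that is genuinely missing (a false negative). Against a real host, the `Get-HotFix` export is the ground truth to substitute, and the applicable-update list and supersedence data would come from the vendor's update catalog rather than from constants.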
Keywords: Vulnerability scanner; patch management; risk assessment