Types of vulnerability scans

Vulnerability scan configurations are specified using the Administration > Integration > Vulnerability Scanning page. The Vulnerability Scan page has three tabs:

• Quick Scan – specifies the connection information, authentication method, scanner plugins, and scanner options used for a Quick Scan.

• Deep Scan – same fields and buttons as the Quick Scan tab, except that it specifies the configuration required for a Deep Scan.

• Auto Scan – specifies the event types and alert levels that are to trigger automatic vulnerability scans.

The setup tabs for the Quick scan and the Deep scan are the same. However, they are independent of one another. You can, for example, have Quick scans performed by a scanner running on one scanner server and Deep scans performed by another scanner.

The NetProfiler supports scanners from:

• Foundstone

• nCircle

• Nessus

• Qualys

• Rapid7

The NetProfiler offers more configuration options for Nessus than for the others because the other scanning systems are configured primarily through their own user interfaces.

Automatic vulnerability scanning

Manually initiating a vulnerability scan

Vulnerability scans