discover security cracks and prevent hacks providing preventative cyberdefense since 2002

decorative circles
decorative circles
isometric illustration of job posting

what is a vulnerability scan?

man pointing to warning alert on phone

A vulnerability scan identifies weaknesses in your computer system and networks. This process is one of the best ways to discover what security holes exist in your system. After scanning, you'll get a detailed report from our iTecs Security Team outlining everything discovered during the scan. We can then use this information to improve your security posture.

what common types of vulnerabilities are found during a vulnerability scan?

Vulnera­bilities can come in many different forms. Some common examples include:

sql injection

SQL injection occurs when malicious code is inserted into an application's query string. The attacker uses this technique to trick the database server into executing their own commands on the victim's behalf.

syringe injecting code into a server icon
syringe injecting code into a webpage icon

cross site scripting

Cross Site Scripting (XSS) attacks occur when attackers insert malicious scripts into web pages or other applications. These scripts can steal cookies, change user settings, or even redirect users to phishing sites.

buffer overflow

A buffer overflow attack occurs when a program attempts to store more data than it has allocated space for. When this happens, the extra data will overwrite memory locations used by other parts of the program. This can lead to unexpected results such as crashing the program or allowing hackers access to sensitive information.

stack of boxes toppling icon
hacker switching credentials on a website icon

cross site request forgery

Cross Site Request Forgery (CSRF) attacks occur when a hacker tricks a user into performing actions on a website they did not intend to perform. An example would be if someone were tricked into clicking a link on a phishing email.

lack of authentication

Lack of authentication refers to situations where there is no way to verify who a person is before granting them access to resources. This includes things like passwords or login credentials.

warning alert next to a fingerprint icon
unlocked lock over a network icon

insecure cryptography

Insecure cryptography refers to situations where encryption keys are stored in plaintext or easily guessed. This makes it easy for hackers to decrypt encrypted messages.

incorrect access control

Incorrect access control refers to situations where unauthorized people have access to restricted areas. This could happen because of weak password policies or because employees forgot their logins.

arm coming out of a laptop and pressing keys
insecure server icon

poor network security

Poor network security refers to computers connected to networks without any security software installed. Hackers can exploit this situation to gain access to sensitive information.

why are vulnerability scans important?

Your organization needs to know whether there are weaknesses in the systems used to store data, process information, communicate, manage finances, or provide customer support. These critical vulnerabilities could allow hackers to access sensitive information and steal money. If you don't know how vulnerable your systems are, you won't be able to take steps to fix these problems.

A vulnerability scan provides valuable information about your current security posture. It also gives you a baseline from which to measure future improvements.  

how does vulnerability scanning work?

The vulnerability scanner looks for known vulnerabilities in your system. For example, a hacker might use a remote desktop application to log into your computer and change settings. When the hacker changes those settings, they create a backdoor entry into your system. Hackers often do this because they want to hide their tracks once inside your network. They don't want anyone else to find out they've been there.

Our team uses automated vulnerability scanning tools that look for common types of vulnerabilities. The tool scans your entire network and reports back what it finds. Our iTecs Security Team will provide you with a report detailing each weakness found and make suggestions on patch management to correct the issues.

two men scanning for bugs on a tablet computer