Performance of automated network vulnerability scanning at remediating security issues
2012 (English). In: Computers & security (Print), ISSN 0167-4048, Vol. 31, no 2, 164-175 p. Article in journal (Refereed), Published
This paper evaluates how large a portion of an enterprise's network security holes would be remediated if one followed the remediation guidelines provided by seven automated network vulnerability scanners. Remediation performance was assessed for both authenticated and unauthenticated scans. The overall findings suggest that a vulnerability scanner is a usable security assessment tool, given that credentials are available for the systems in the network. However, there are issues with the method: manual effort is needed to reach complete accuracy, and the remediation guidelines are oftentimes very cumbersome to study. Results also show that a scanner that is more accurate in terms of remediating vulnerabilities is generally also better at detecting vulnerabilities, but is in turn also more prone to false alarms. This is independent of whether the scanner is provided system credentials or not.
Keywords: Network security, Security tools, Vulnerabilities, Vulnerability detection, Vulnerability remediation
Identifiers: URN: urn:nbn:se:kth:diva-99543; DOI: 10.1016/j.cose.2011.12.014; ISI: 000319547600003; ScopusID: 2-s2.0-84857364659; OAI: oai:DiVA.org:kth-99543; DiVA: diva2:542420
QC 20120801. 2012-08-01, 2012-07-31, 2014-02-03. Bibliographically approved