Thursday, October 05, 2017

Vulnerability scanner can be trusted?

Many companies use vulnerability scanners to scan their systems, websites, products often to make sure they are secured. However, the former CEO of being hacked Equifax blamed that the system had been scanned after a week when the Apache Struts vulnerability had been announced. The scanner cannot detect the presence of un-patched Apache Struts implementations.

Please see the 8th paragraph of this articie for the captioned mention statement.

May be the vulnerability scanner signatures are not up-to-date that caused this fault. So, your vulnerability scanner should be up-to-date too!

That's all! See you.