111
5
Au t o m A t e d Vu l n e r A b i l i t y
Sc A n n e r S
is chapter is quite technical in some areas. If your security strat-
egy is geared purely toward compliance and passing the audit with
minimum analysis, and you are happy with that picture, you may skip
this chapter and pretend it never existed. You may continue to rely on
near-full automation in your vulnerability management strategy, but
I do need to give a warning: I would be more than happy to make a
huge wager to the eect that more than 90% of the victims of recent
unauthorized activities based their vulnerability management purely
on the use of automated assessment tools.
Automated vulnerability scanners are tools such as Nessus and GFI
LANguard, which supposedly can be