seleCting teChnology 153
Control: e reports should be filterable by network, IP range, •
system type, scanner, application, or network owner. You will
quickly find that once the availability of good data is known
by managers and engineers, they will ask for more. Having
in-depth knowledge of the structure of local networks, net-
work managers may ask for particular subnet reports and IP
ranges even though the audit process takes place on all IP
addresses that can be found. Essentially, what is audited for
vulnerabilities is a superset of the reports requested by the
network owners.
Owners of applications may ask for reports showing the
vulnerability state of the systems supporting their applications.
is may include a combination of routers, ...