The Scan Process – How Does it Work?
The first step in scanning a system is to collect specific metadata from primarily .EXE, .DLL, and .OCX files on the system being scanned. Metadata is generic non-sensitive text strings embedded in the binary files from the vendors of the products. This data is collected and then sent to our Secure Data Processing Cloud where it is processed and parsed.
The data is then matched against our File Signatures, which are rules that match the raw metadata to an actual product installation.
Part of this matching process also results in an exact version being extracted from the metadata. This means that after the initial parsing Software Vulnerability Manager knows exactly which products are on the system and their exact version – a precise inventory of software on the system.
The inventory of software is then compared against the unique Secunia Advisory and Vulnerability Database, which contains the most accurate and current Vulnerability Intelligence available.
The result is a precise inventory of products, their versions, the security state of each, along with a direct reference to any corresponding Secunia Advisory detailing the exact vulnerabilities and their Secunia assessed criticality and impact.
Since the scan process works by looking at the actual files on the system being scanned, the result is extremely reliable as a product cannot be installed on a system without the actual files required being present.
This in turn means that Software Vulnerability Manager rarely identifies false-positives, and you can use the results from Software Vulnerability Manager immediately without doing additional data mining.
Software Vulnerability Manager is flexible and scalable when it comes to scanning a corporate network and you can choose to use Agent, Agent-less, or a combination of both scanning methods in the same environment.
For further information about the different Software Vulnerability Manager scanning approaches, see Scanning.
The graphic below summarizes how the Software Vulnerability Manager Agent works and compares the three Scan Types.