What are the different scan types?

This article provides an overview of the scan and assessment types available in Security Center. 

External

The external scan engine, hosted by Holm Security, can be used to scan your public environment. The results give you a clear picture of the vulnerabilities you are exposing to the internet. 

Internal Scanner Appliance

 The Scanner Appliance is a virtual machine that you deploy in your local network. It runs scans within the local network and can be used for both web application scans and network scans. Depending on the size and configuration of your environment, you may want to use several Scanner Appliances. All results are presented in Security Center. 

Scanner Appliance for cloud environments

The Scanner Appliance is hosted in your Azure/AWS/Google Cloud-environment. Serving a similar purpose to the internal Scanner Appliance. 

System & Network Security

 System & Network Security detects and scans open ports for vulnerabilities. It can also be configured to authenticate during scans for better vulnerability coverage. 

Web Application Security

The Web Application Security scan engine crawls your website to identify vulnerabilities for each exposed URL. It can be configured with headers and authentication methods to bypass login forms and scan webpages protected by authorization. 

Cloud Security

Cloud Security helps you identify and remediate vulnerabilities across your cloud-native platforms using Cloud Security Posture Management (CSPM). It automates the detection of misconfigurations across cloud resources, helping you control cloud infrastructure risk. 

API Security

Using our API Security product, REST API scanning in a web app scan enables the scanner to inject vulnerability-detection patterns into JSON REST APIs. By supplying an Open API specification document, the scanner can detect various vulnerability types within REST APIs, including SQL injections, XXE, and deserialization issues.