Browse Definitions :
Definition

unauthenticated security scan (logged-out secuity scan)

An unauthenticated security scan, sometimes called a logged-out scan, is the process of exploring a network or networked system for vulnerabilities that are accessible without logging in as an authorized user.

Unauthenticated vulnerability scans inspect the security of a target system from an outside perspective. These scans allow visibility into what a malicious hacker could access without acquiring login credentials to pose as a trusted user. Security scans, authenticated or otherwise are an important part of ensuring the security of computer systems, networked devices and networks.

A vulnerability scanner runs from the end point of the person inspecting the attack surface in question. The software compares details about the target attack surface to a database of information about known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts

Unauthenticated scans can be performed remotely without requiring much in the way of costs and specialized knowledge. They require less internal cooperation and are less intrusive to the environment than authenticated security scans, which access system resources that are available to trusted uses. 

There are several benefits associated with unauthenticated vulnerability testing:

  1. It's easier.
  2. It requires fewer testing tools.
  3. It requires fewer internal staff resources.
  4. You can still exploit a vulnerability to gain a remote command prompt, etc.
  5. It can often be done without time constraints.

All in all, vulnerability testing from an external point of view tends to be very focused, quickly resulting in a finite set of results with little cost to the organization.

This was last updated in July 2015

Continue Reading About unauthenticated security scan (logged-out secuity scan)

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • Melissa virus

    Melissa was a type of email virus that initially become an issue in early 1999.

  • biometric payment

    Biometric payment is a point-of-sale (POS) technology that uses biometric authentication physical characteristics to identify the...

  • Twofish

    Twofish is a symmetric-key block cipher with a block size of 128 bits and variable-length key of size 128, 192 or 256 bits.

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • hard disk drive (HDD)

    A computer hard disk drive (HDD) is a non-volatile data storage device.

  • Remote Direct Memory Access (RDMA)

    Remote Direct Memory Access (RDMA) is a technology that enables two networked computers to exchange data in main memory without ...

  • storage (computer storage)

    Data storage is the collective methods and technologies that capture and retain digital information on electromagnetic, optical ...

Close