Vulnerability Scan of Software Code Dec 9, 2013 by Checkmarx The term Vulnerability Scan refers to an automated process of identifying security vulnerabilities in a network’s computing systems. The purpose of the scan is to determine whether a system or a program can be exploited or threatened. While servers are essential for communication and data transfer over the net, they are vulnerable to potential security breaches that are executed by threat agents such as viruses sent by malicious hackers. A Vulnerability Scan employs software that automatically searches for loopholes based on a set database of known security flaws, testing the system for the occurrence of these flaws and ultimately sending a report of the search findings. The individual or the business can then use the results to make the required changes and tighten the network’s security. Site vulnerability scanner usually refers to the scanning of systems that are connected to the web but can also refer to system security audits on off-line internal networks. This is done to estimate the threat of malicious software or unfriendly employees who may want to cause damage from within. An unintentional flaw in software code may leave it open for potential exploitation. This can be achieved by hackers who get unauthorized access or by the implementation of harmful software such as worms, viruses, “Trojan horses” and other intrusive formats of negative malware. Security exploits, also referred to as security vulnerabilities can be caused by software bugs, weak passwords that are easy to bypass, pre-infected software that’s already been accessed by a virus or even deliberate insertion of script code. These security vulnerabilities require “patches”, which eventually keep hackers and malicious agents at bay. The scan of vulnerabilities’ main purpose is to locate such security breaches, allowing developers to prevent aggressive or malicious breaks.It’s a basic and required part of any software development process in today’s dangerous and malicious cyber-space.