If not patched and looked after regularly, a company network infrastructure and website will present flaws or weaknesses, called vulnerabilities, that can be exploited by an opponent to cause damage or perform unauthorized actions. This could result in compromising the confidentiality (e.g. private information leakage), the integrity (e.g. unauthorized modification of data), or the availability (e.g. website down) of resources.
That’s why organizations should use vulnerability assessment tools to spot security holes in their networks, website or web applications. Then appropriate remediation measures can be taken regarding the security flaws discovered.
A good practice is to act early to minimize the chances of a successful attack.
This document presents a summary of some of the most relevant but free or inexpensive tools on the market.
While most of the tools described can be used by non-expert users, there might be cases where professional help is required, such as simulating advanced attacks.