What is vulnerability scanning?
Vulnerability scanning is commonly considered to be the most efficient way to check your site against a huge list of known vulnerabilities – and identify potential weaknesses in the security of your applications. Vulnerability scanning can be used as part of a standalone assessment, or as part of a continuous overall security monitoring strategy.
What is a web vulnerability scanner?
Vulnerability scanners are automated tools that scan web applications to look for security vulnerabilities. They test web applications for common security problems such as cross-site scripting (XSS), SQL injection, and cross-site request forgery (CSRF).
More capable scanners may be able to delve further into an application by utilizing more advanced techniques. Application security testing products, can find vulnerabilities many other scanners would miss, including asynchronous SQL injection and blind SSRF for instance.