A vulnerability scanner is an application that identifies and creates an inventory of all systems connected to a network. For each device that it identifies, it also attempts to identify the operating system that is running and the software installed on it, along with other attributes such as open ports and user accounts. After building up an inventory, the vulnerability scanner checks each item in the inventory against one or more databases of known vulnerabilities. The result is a list of all the systems found and identified on the network, highlighting any that have known vulnerabilities and need attention.
