A Comparative Study of Vulnerability Scanning Methods

Abstract
This research compared the similarities and overlaps of different vulnerability scanning methods. The aim of the study was to answer questions such as whether one scanning method includes all the findings of another method, and whether it could be used to replace the other method. The research was conducted as an empirical study built on the design science research framework: a deliberately vulnerable, dedicated test environment was created and then scanned using various scanning methods. The empirical study showed that even though a credentialed vulnerability scan is the most comprehensive scanning method compared in the study, entirely comparable results are achievable by using an uncredentialed port scan in conjunction with a host-based agent scan. The benefits of this combination of methods range from easier upkeep of vulnerability scanning to improved overall security by eliminating the need for separate, dedicated scanning credentials. Furthermore, the unauthenticated port scan proved to be the weakest method. Considering the research results and consulting the surrounding literature, a deeper understanding of vulnerability scanning methods was achieved. Based on this, a framework was created to aid in selecting the best-suited method for both vulnerability and compliance scanning.
Main Author
Format
Theses Master thesis
Published
2024
The permanent address of the publication
https://urn.fi/URN:NBN:fi:jyu-202406054259 (use this address for linking)
Language
Finnish
License
In Copyright
The author has not given permission for open publication, so the material can be read only at the archive workstation of the Jyväskylä University Library. See https://kirjasto.jyu.fi/fi/tyoskentelytilat/laitteet-ja-tilat#autotoc-item-autotoc-2.
Copyright © The Author(s)
