There are many security assessment tools available in the market. Most of these tools are freeware and very simple to configure. Some of these tools are platform independent online based tools. To help you choose the right tools for a specific security assessment job, this post takes a look at some commonly used security assessment tools.
Security Assessment Tools
Basic Port Scanner: This type of tool can be used to search open ports and collect information on currently active services on a network. Some of these tools are designed specifically for Windows operating systems and some of them are designed for Linux operating systems. You may find many plat form free online-based port scanners that allow the user to operate a port scanning process online.
Web scanner: This type of scanner tests the configuration of the Web server and searches for scripts with known vulnerabilities. A Web scanner can also be used to test the vulnerability in remote log in by using brute force account testing to see if the password is too easy to guess or if the password is a default password.
Virus scanner: This type of scanner can be used to scan files and warn the user if a file is likely to contain a virus. This kind of tool is capable of detecting malicious software in a computer’s random access memory (RAM) or hard drive. There are a broad range of such tools available for free download. These tools are designed to detect and remove viruses such as dialers, Trojans, and many other kinds of malware.
Firewall scanner: This type of scanner provides comprehensive security auditing. It tests the configuration of a firewall and reports to the service enabled through the firewall. It can test for both proxy-based and filter-based firewalls. It can identify the level of vulnerability and find balance between usability and security.
There are also some comprehensive security assessment tools which can find the security vulnerability in multiple areas. These tools can be used to analyze the entire security architecture for an enterprise by comparing the best practice commonly used in an industry. Typically, these assessment tools will scan a computer or a network system. The result of the scanning will be used to compare with the known vulnerability stored in a database. If there is a problem, the security assessment tools will produce a report. Based on the design specifications, we may have the following types of comprehensive security assessment tools.