SECURITY TOPICS

Vulnerability Assessment

A vulnerability is a potential entry point through which a website’s functionality or data can be damaged, downloaded, or manipulated. A typical website (even the simplest blog) may have thousands of potential vulnerabilities.

What is Vulnerability Assessment?

Free with the purchase of every Extended Validation or Pro SSL Certificate (compare SSL Certificates), vulnerability assessment helps you quickly identify and take action against the most exploitable weaknesses on your website. Vulnerability assessment includes:

An automatic weekly scan for vulnerabilities on public-facing web pages, web-based applications, server software, and network ports. An actionable report that identifies both critical vulnerabilities that should be investigated immediately and informational items that pose a lower risk.

An option to rescan your website to help confirm that vulnerabilities have been fixed.

Website Security

Website Vulnerabilities

How Do Symantec SSL Certificates Help Keep My Site Visitors Safe?

 

  • SSL encryption protects online transactions and keeps data confidential in transmission.
  • Vulnerability assessment identifies weaknesses on your website that are most commonly used for attack.
  • Malware scanning alerts you if your website is infected with malicious software.

How Does Symantec Help Me Avoid Being Blacklisted By Search Engines?

Google, Yahoo, Bing, and other search engines scan and then blacklist or exclude any website found with malware. By using vulnerability assessment to identify exploitable weaknesses and taking corrective action, you may reduce the risk of hackers finding your site and attacking it. With daily website malware scanning, you have an early warning system if an attack occurs. Symantec includes both services for free with every Extended Validation or Pro SSL Certificate (compare SSL Certificates). Daily website malware scanning is included with every Secure Site SSL Certificate.

 

How Do Vulnerability Assessments Help Companies Manage Security?

The Symantec vulnerability scan is designed to detect the entry points most frequently used for the most common attacks. The vulnerability report categorizes vulnerabilities based on type and risk and proposes corrective actions. This combination helps businesses quickly identify and remediate critical vulnerabilities, making it easier to secure your website. Vulnerability scans that have not been fine-tuned may generate volumes of unneeded data about low priority vulnerabilities, obscuring the essential security measures that need to be taken immediately.

What Are The Most Common Types Of Attack?

SQL injection is used by hackers to gain access to your database. Cross-site scripting lets a hacker add code to your website to execute tasks. A few simple steps can protect against these common attacks if you know where the weaknesses are on your website.

Does The Norton Secured Seal Change When Vulnerabilities Are Detected?

No. A detected vulnerability does not affect the appearance of your trust mark. Vulnerabilities are not threats, they are entry points that may be exploited. By not connecting your seal to vulnerability scanning results, we help you maintain trust in your website and allow you to fix vulnerabilities on your own schedule.

What If I Already Have Vulnerability Scanning?

Vulnerability assessment does not replace PCI-compliant vulnerability scans. The service complements existing protection with an automatic weekly scan and an easy-to-read report of the most critical vulnerabilities. Free with your SSL certificate, vulnerability assessment can be combined with other scans to provide additional information to help decide how to take action.

Can I Customize My Scan?

Vulnerability assessment is designed to provide essential information without complex setup or extensive management. You may change notifications and activate or deactivate starting points if you have multiple SSL certificates with different fully qualified domain names.

Which SSL Certificates Include Vulnerability Assessment?

Vulnerability assessment is included with Symantec Secure Site Pro with EV, Secure Site with EV, and Secure Site Pro SSL Certificates. Existing customers may activate vulnerability assessment for any of these SSL certificates by signing in to the Symantec Trust Center. New customers may activate the service after they complete their purchase.

Symantec Secure Site SSL Certificates do not include vulnerability assessment and it is not available for individual purchase. To add vulnerability assessment to your service, consider an upgrade.

From Which IP Addresses Does The Vulnerability Assessment Service Scan?

The Vulnerability Assessment Service can create multiple entries in your website's logs, and could cause issues with other software like intrusion detection systems. For this reason, you might want to create filters that allow access. View a list of IP addresses and server names our vulnerability scan is using.

 

Test Your Website Security Now

Symantec CryptoReport

Check your SSL/TLS Certificate Installation.

TEST NOW
Symantec Private Certification Authority Service

Symantec Private Certification Authority Service (Private CA)

Symantec Private CA is a cost effective solution to improve the security and management of private intranet certificates while adhering to corporate and industry compliance standards.

Continue Reading

How Does SSL/TLS Work?

How Does SSL/TLS Work? What Is An SSL/TLS Handshake?

SSL/TLS are protocols used for encrypting information between two points. It is usually between server and client, but there are times when server to server and client to client encryption are needed. This article will focus only on the negotiation between server and client.

Continue Reading

A Brief History of Phishing

In 2007, Symantec celebrated its 25-year anniversary as a global leader in protecting and securing its customers from the ever-evolving threats that continue today. As a matter of fact, many of the threats Symantec routinely address today were practically unheard of in the early days.

Continue Reading

USE CASES

Symantec Website Security Solutions In The Real World

Join the Community

Join the Symantec Discussion on Symantec Connect

SYMANTEC CONNECT

Follow Threat Intelligence on Twitter @Threatintel

SYMANTEC ON TWITTER

Watch Videos on the Symantec Website Security YouTube Channel

SYMANTEC ON YOUTUBE