Vulnerability Scan

Also known as: Vuln scan

The automated process of examining systems for known security vulnerabilities. Required periodically by RA.L2-3.11.2.

A vulnerability scan is an automated examination of in-scope systems to identify known security vulnerabilities — missing patches, misconfigurations, weak ciphers, exposed services, default credentials, and so on. Required periodically by NIST SP 800-171 RA.L2-3.11.2.

Common vulnerability scanners include Nessus (Tenable), Qualys VMDR, Rapid7 InsightVM, OpenVAS, and Microsoft Defender Vulnerability Management.

A vulnerability scan is not the same thing as a penetration test. A scan finds known vulnerabilities; a pentest actively attempts to exploit them.