Used to locate and identify vulnerabilities in servers, workstations, and other network hosts. This scan typically examines open ports and services and can offer visibility into the configuration settings and patch management of scanned systems.

The assessment of policies and practices to prevent unauthorized access to private or public networks and network-accessible resources.

Used to identify vulnerabilities that might allow database-specific attacks like SQL and NoSQL injection, as well as general vulnerabilities and misconfigurations in a database server.

The identification of security vulnerabilities in web applications and their source code by using automated vulnerability scanning tools on the front-end or static/dynamic analysis of source code.