The Symantec Vulnerability Assessment (VA) scan is a service that scans the web server of the domain you enrolled with the purchase of certain Symantec SSL certificates, looking for common entry points.
When you activate vulnerability assessment, Symantec will scan your website network each week for common entry points which, if breached, could threaten your online security. Examples would be outdated server software or insecure ciphers configured for SSL. You will then receive the results of the scan in a downloadable PDF report highlighting the most critical vulnerabilities, which you access through your Symantec User Portal. Non-critical vulnerabilities are listed in the section labeled “Informational.”
You can activate or deactivate vulnerability assessment from within your account. Once you activate vulnerability assessment, your first PDF report should be available for you to download within about 24 hours. After that, Symantec will run the scan weekly, and generate each new report within about 24 hours of the scan.
Only the presence of critical vulnerabilities (not informational) will trigger an alert in your console. Your report will be available for download each week whether or not you have critical vulnerabilities.
What types of vulnerabilities does the scan detect?
- The VA will scan for the most common types of vulnerabilities, which include outdated or unpatched software, cross-site scripting (XSS), SQL injection, and “backdoors.” As hacking technology changes, we update the scan accordingly to detect those vulnerabilities.
What type of files or scripts does vulnerability assessment detect?
- The VA will scan any active content on the website that accepts user input, without regard to the type of file or script. We also check for software with known vulnerabilities, such as outdated versions of server software, e-commerce packages, or WordPress installations.
After you purchase a product with the VA feature:
- By default the VA scan is turned off, as some clients do not want a VA scan performing checks on their systems, or already have one. To receive the benefit of the service you must opt in, which you do from within the console where you manage the SSL certificates for the site you wish to be scanned. Only a customer with a valid SSL certificate may opt in to the service.
- The site must be externally accessible for scanning with no access credentials required.
- Either your hosting provider or your internal organization could be blocking the types of scans and tests that the Symantec VA service performs. If that is the case, you need to set up firewall exceptions for the IP addresses that the Symantec VA service provides, otherwise the scan will be unable to reach the site and the report will not reflect its actual exposure.
What are remediation referrals?
- Symantec does not take part in resolving the vulnerabilities found, but it maintains a recommended list of industry leaders who can work with you to eliminate your vulnerabilities and help keep your site and network running optimally. These referrals range from consultants to software vendors, all of whom specialize in vulnerability remediation. To see the remediation referral list, refer to INFO1746.
The Vulnerability Scanning Service is a free addition with any purchase of a Symantec SSL certificate. Customers have the option to opt out of the service at any time within their User Portal. If you are not using any other third-party vulnerability scanning service, it is a welcome addition to help protect your network and your customers and employees.