A distributed vulnerability detection system for an intranet

Abstract

Security must be an integral element of any network. An organization's network is the basic environment connecting all users, servers and applications. Internal network security has to ensure that the corporate network is secure; therefore it includes tracking physical, endpoint and application security issues. Security testing is a crucial instrument to control network security, but there exists a need for an automated security system which helps security analysts and testers. This paper reviews the main topics related to vulnerability assessment in intranets and proposes a new distributed system to analyze security capability and vulnerability detection in intranets. The system design and implementation is also presented. This proposal is based on the open source security testing methodology manual and it is part of a wider system for automating vulnerability detection called Consensus.