Last Updated: 2019-06-26
Purpose
This article describes the different Netsec scan stages.
Introduction
In Outpost24, Scan Stages defines the sequential phases a vulnerability assessment goes through—from port scanning and service fingerprinting to detailed scanning, detection, and reporting. Understanding these stages gives you insight into how the platform progresses through discovery, information gathering, vulnerability matching, and final result output, allowing you to fine-tune performance parameters, anticipate timeouts, and interpret intermediate results during complex security assessments.
Scan Stages
Discovery scan
The Discovery scan sends packages over multiple protocols. If the scanner gets anything back from the target, the target is confirmed to be alive.
Vulnerability scan
There are six stages.
-
Portscan - Sends packages to approximately 5500 ports (default specified port range) for UDP and TCP protocols to find open ports on the target.
-
Fingerprint - This stage uses the ports which were found open in the Portscan stage, to see which services are available on the target.
-
Scanning - It collects the information from the target such as, platform, directories, and versions.
-
Web scan (optional) - This is applicable only for web applications. It crawls over every link found and collects the information about it.
-
Detection - Compares the information collected in the scanning phase with the Outpost24 vulnerability database.
-
Report - Reports all findings found during the scan.
Related Articles
- Reports
- Log In Using LDAP
- Report Library
- Vulnerability Database
- Removing an Agent from Windows
- Delta
- Scan Blueprint
- Technical Specification
- Schedules
- Installing a Linux Agent
- Workflows
- Troubleshooting checklists
- User Management
- Check Connectivity to Agent Server
- Scan Scheduling Errors
- HIAB Deployment Guide
- Managing Tags
- Checking if Agent is Running
- Agent Installation Introduction
- Common Settings Panel
- Scanning Range
- Role Management
- Portal Icon List
- Agent Call Home
- Asset Discovery
- XML API Interface Technical Document
- Using the Agent Info Command
- Scheduled Reports
- Removing an Agent from Linux
- Solutions
- Identity and Access Management (IAM)
- Understanding Scanner and Scheduler
- Licensing Consumption
- Installing a macOS Agent
- Agent Introduction
- Setting Up an Agent Using System Proxy
- DNS Lookup in UI and in Console
- Supported Browsers
- HIAB Console
- Certificates
- Marking as False Positives
- Managing Agents
- Event Notification - Integration
- HIAB Distribution Settings
- Agent Latest Version
- Column Configuration
- PGP on User Accounts
- Event Notification - Use Cases
- Logging in to the Portal
- Firewall Rules
- Account
- Notification Settings
- Products Database
- Log In Using Single Sign-On (SSO)
- Scan Assessment Configuration
- View Templates
- Ports
- Installing a Windows Agent
- Generate Reports
- Basic Credentials
- Scan Stages
- Object Identifiers
- Subscriptions Overview
- Services
- REST API Interface Technical Document
- Getting Started with the Portal
- Scan Configuration Settings
- Scans View
- Retrieving a REST API Token From XMLAPI
- HIAB E-mail Whitelisting
- Scan Credentials
- API Examples
- Tags
- Accepting a Risk
- Importing Tags for AWS Discovery
- Discovery Scan Configuration
- Products
- Vulnerabilities
- Scan Policies
- Resource Group Management
- Download Agents
- Discussions and Commenting
- Filters
- Notifications
- 2FA on User Accounts
- Assets