While scanning tools like vulnerability assessment (VA) and network scanners provide valuable insight into a wide array of devices, there are limitations when relying on them for cybersecurity asset management alone. Unlike platforms that rely on network scans, Axonius automatically aggregates and correlates asset data — regardless of asset type — to deliver a comprehensive and credible asset inventory for security, IT, and risk teams.
Network scanning helps detect and collect information of hosts on a network. There are two primary types of network scanning — active and passive scanning:
Network-based Scanning: Network scanners and network discovery tools use common discovery protocols, like Simple Network Management Protocol (SNMP), Link Layer Discovery Protocol (LLDP), and ping, to compile an inventory of all devices attached to a local area network.
These scans collect information on virtual computers and networks, hardware and software on a network, and the interconnectedness between assets. Security teams leverage these tools to map their network-specific infrastructure.
Agent-based Scanning: Agent-based vulnerability scanning requires an agent be deployed on each machine to obtain a vulnerability profile for the device. This approach can provide rich context and deep insights into both the device and device characteristics. A wide range of details can be obtained, including IP and MAC address, open ports, installed software, operating system and versions, patches, users, and security vulnerabilities on the machine.
41 Madison Avenue, 37th Floor
New York, NY 10010