Which SSL product includes the vulnerability scan?
The service is included at no additional cost with the following products:
- MPKI for SSL
- Premium SSL with Extended Validation
- Standard SSL with Extended Validation
- Premium SSL
- Symantec Secure Site Pro with EV
- Symantec Secure Site with EV
- Symantec Secure Site Pro
Why hasn't the Symantec Vulnerability Assessment service scanned my site, or why can't it contact my server?
- To receive the service, you must opt in from within the console where you manage the SSL certificates for the site you want scanned. Only customers with a valid SSL certificate may opt in to the service.
- The site must be externally accessible for scanning with no access credentials required.
- Either your hosting provider or internal organizations could be blocking the types of scans and tests that the Symantec VA service performs. If that is the case, you need to set up exceptions for the IP addresses that the Symantec VA service provides. Please click here for documentation.
Which IP addresses does Vulnerability Assessment Service scan from?
Vulnerability Assessment Service can create multiple entries in your website's logs and could cause issues with other software like intrusion detection systems. For this reason, you might want to create filters that allow access.
Vulnerability Assessment Service uses the following IP addresses and server names:
- VBLADEAF001 188.8.131.52 (scan1.ws.symantec.com)
- VBLADEAF002 184.108.40.206 (scan2.ws.symantec.com)
- VBLADEAF003 220.127.116.11 (scan3.ws.symantec.com)
- VBLADEAF004 18.104.22.168 (scan4.ws.symantec.com)
- VBLADEAF005 22.214.171.124 (scan5.ws.symantec.com)
- VBLADEAF006 126.96.36.199 (scan6.ws.symantec.com)
- VBLADEAF007 188.8.131.52 (scan7.ws.symantec.com)
- VBLADEAF008 184.108.40.206 (scan8.ws.symantec.com)
- VBLADEAF009 220.127.116.11 (scan9.ws.symantec.com)
- VBLADEAF010 18.104.22.168 (scan10.ws.symantec.com)
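An added example (not Symantec's code) of one way to build such a filter: it tags log entries whose source address is on the list above and leaves everything else, including requests that only claim the scanner's name, subject to normal alerting. The log lines and the User-Agent string are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Scanner sources copied verbatim from the list above.
SCANNER_LIST = """\
VBLADEAF001 188.8.131.52 (scan1.ws.symantec.com)
VBLADEAF002 184.108.40.206 (scan2.ws.symantec.com)
VBLADEAF003 220.127.116.11 (scan3.ws.symantec.com)
VBLADEAF004 18.104.22.168 (scan4.ws.symantec.com)
VBLADEAF005 22.214.171.124 (scan5.ws.symantec.com)
VBLADEAF006 126.96.36.199 (scan6.ws.symantec.com)
VBLADEAF007 188.8.131.52 (scan7.ws.symantec.com)
VBLADEAF008 184.108.40.206 (scan8.ws.symantec.com)
VBLADEAF009 220.127.116.11 (scan9.ws.symantec.com)
VBLADEAF010 18.104.22.168 (scan10.ws.symantec.com)
"""

def load_allowlist(text):
    """Map each validated scanner IP to the hostnames listed for it."""
    allow = {}
    for m in re.finditer(r"^\S+ (\S+) \(([^)]+)\)$", text, re.M):
        ip = ipaddress.ip_address(m.group(1))  # ValueError on a malformed entry
        allow.setdefault(ip, []).append(m.group(2))
    return allow

def split_traffic(log_lines, allow):
    """Count hits per allowlisted source IP; return the rest for normal alerting."""
    hits, other = Counter(), []
    for line in log_lines:
        client = line.split(" ", 1)[0]  # first field of common/combined log format
        try:
            src = ipaddress.ip_address(client)
        except ValueError:
            src = None  # a hostname or junk in the client field is never trusted
        if src in allow:
            hits[str(src)] += 1
        else:
            other.append(line)
    return hits, other

# Constructed log lines, not real traffic. The last two only claim to be the scanner.
SAMPLE_LOG = [
    '188.8.131.52 - - [10/Mar/2015:02:00:01 +0000] "GET /login.php HTTP/1.1" 200 512 "-" "-"',
    '188.8.131.52 - - [10/Mar/2015:02:00:02 +0000] "GET /cart.php HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.7 - - [10/Mar/2015:02:00:03 +0000] "GET /admin/ HTTP/1.1" 403 0 "-" "VA-scan (constructed)"',
    'scan1.ws.symantec.com - - [10/Mar/2015:02:00:04 +0000] "GET /admin/ HTTP/1.1" 403 0 "-" "-"',
]
```

Matching on the connection's source address rather than a User-Agent or a logged hostname keeps the exception narrow, since both of those are supplied or influenced by the client.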
What’s the difference between vulnerability assessment and malware scanning?
Vulnerability assessment scans for and reports on entry points for security breaches. Malware scanning finds harmful software already on your site and network. If you have malware on your site, it probably means that an entry point already has been breached. When you repair the vulnerabilities on your site, you help deter potential breaches, including malware.
Now that I have vulnerability assessment, do I really need malware scanning?
Yes. Vulnerability assessment doesn’t detect malware; it only shows you entry points that could be exploited to inject malware. When used together, malware scanning and vulnerability assessment provide complementary functions to help keep your site safe.
How will vulnerability assessment affect my website and network? What are the risks?
All vulnerability scanning services enter your website to find vulnerabilities. This inherently carries some risk. We have made every effort to minimize the risks associated with our vulnerability assessment.
The scan may cause slight performance delays (for example, page loading time). It also may trigger intrusion detection or other systems during scanning. The risk to a particular site or network varies from system to system. There is no system risk between scans.
I already have vulnerability scanning. Why would I need another one?
You can use our vulnerability assessment to cross-check the results of any other scan for an added security layer.
What ports does vulnerability assessment scan?
We scan all commonly used ports, more than 1000 in total. The appendix section of your report lists any ports where we found vulnerabilities.
What types of vulnerabilities does the scan detect?
We scan for the most common types of vulnerabilities, which include outdated or unpatched software, cross-site scripting (XSS), SQL injection, and “backdoors.” As hacking technology changes, we update the scan accordingly to detect those vulnerabilities.
What type of files or scripts does vulnerability assessment detect?
We scan any active content on the website that accepts user input, without regard to the type of file or script. We also check for software with known vulnerabilities, such as outdated versions of the osCommerce package or WordPress.
What are the limits of the scan?
- We do not scan password-protected areas of the site, internal-facing pages, or any areas not publicly accessible.
- The scan will not detect every vulnerability.
- You cannot customize any parameters of the scan.