What is a security scan?
A security scan, also known as a vulnerability scan, is a process through which a system is scanned for vulnerabilities and other possible security issues. Security scans are often automated through dedicated software and can include websites, apps, networks, servers, and other major systems.
How do security scans work?
Security scans work similarly to virus scans. The software doing the scanning has signatures of vulnerabilities to look out for which it tries to find in the system being scanned. The scanner aims to cover the entire attack surface to ensure no stone is left unturned.
Web Application Vulnerability Scanners are one type of security scanner that scan web applications. WordPress security scanning falls in this category. An example of such software is WPScan, the most popular and widely used WordPress security scanner.
They are generally run from outside the network, giving the scanner the same point of view an attacker is most likely to have. These types of scans are referred to as unauthenticated scans. On the other hand, authenticated scans scan for vulnerabilities as an authenticated user. These scans can expose additional vulnerabilities and configuration issues available to those with authentication credentials.
Within their signatures, they generally have the means to recognize vulnerabilities such as XSS (Cross-Site Scripting), SQL Injection, misconfigurations, and many others. Furthermore, security scanners are available in both commercial and open-source flavors with OWASP maintaining a listing of available security scanners as well as benchmarks.
Note: OWASP also maintains the OWASP Top 10 list of web application vulnerabilities which is definitely worth checking out. It can be used as a good benchmark when hardening your WordPress website.
The benefits of security scans
Security scanning is an important part of a strong WordPress security policy and risk assessment and management. They are often carried out as part of a penetration testing program. Security scans give administrators the opportunity to learn of any vulnerabilities in their system before attackers do, and thereby enough time to fix them.