Although automated scanners and boilerplate examinations can be useful tools in determining a network’s susceptibility to certain types of published security exploits, these approaches have serious limitations. They tend to focus on producing long lists of perceived vulnerabilities without helping an IT team improve its organization’s overall security posture, and they often overlook important avenues of attack.
In real life, the most devastating and difficult-to-counter security risks arise from subtle combinations of attacks, or from a given network’s unique circumstances. Finding such flaws is technically complex, so they are unlikely to be uncovered by the checks associated with any rote procedure.
