Here are the differences between the various scans and certifications.
| Security Risk | Vulnerabilities Identified: McAfee SECURE | Vulnerabilities Identified: PCI | Required for Certification: McAfee SECURE | Required for Certification: PCI |
|---|---|---|---|---|
| Scan Frequency | Daily | Quarterly | Daily | Quarterly |
| SQL-injection | • | • | • | • |
| Blind SQL injection | • | • | • | • |
| SQL Database Error Disclosure | • | • | • | • |
| Local File and Remote File Includes | • | • | • | • |
| Directory Traversals | • | • | • | • |
| Improper Error Handling | • | • | Optional | • |
| Application Source Code Disclosure | • | • | • | • |
| Authentication Bypass | • | • | • | • |
| Insufficient Session Expiration | • | • | Optional | • |
| Command Injection | • | • | • | • |
| SSL Injection | • | • | • | • |
| Malicious CGI Scripts | • | • | • | • |
| Buffer Overflows | • | • | • | • |
| Client Side Vulnerabilities | • | • | Optional | • |
| Directory Indexing | • | • | Optional | • |
| Server Misconfigurations | • | • | Optional | • |
| SSL encryption | • | • | Optional | • |
| Scan Frequency | Ongoing | Not applicable | Ongoing | Not applicable |
| Malicious Downloads | Ongoing | | Ongoing | |
| Malicious Affiliations (links) | Ongoing | | Ongoing | |
| Phishing Scams | Ongoing | | Ongoing | |
| Browser Exploits | Ongoing | | Ongoing | |
| Misuse of personal information | Ongoing | | Ongoing | |
| Annoyances (excessive Pop-ups) | Ongoing | | Ongoing | |