The Evolution of Vulnerability Assessment Tools Over the Years

The vulnerability assessment tools were born in the late 1990s, when the internet was not the mainstream. I remember the time when I bought a very expensive internet scratch card for 1 hour of usage. At that time, one company called Common Vulnerability and Exposure System was launched to address identifying and cataloging vulnerabilities. In 2000, only 1,020 vulnerabilities were published in the CVE database. It is also important to know that, at that time, most of the vulnerability assessments were largely manual. The security experts only perform the basic scanning that can be reviewed and verified by human analysts.

Mid-2000

It is the most important time because during this period the number of discoveries has accelerated to 400 per month. It means several technologies have changed and latest innovations have changed the face of the internet. Tools like Nessus and Qualys offered automated scanning capabilities at that time. These tools were based on the efforts of other businesses to collect the vulnerability and security threats.

At that time, business across the globe transitioned into a more complex systems, becoming a hybrid and multi-cloud system. The necessity of the highest availability and absolute security has become the foremost factor in online business. The…