Use the vulnerability assessment tools to identify the vulnerabilities you need to repair. This will help protect your website or network against security breaches.
Vulnerabilities
Critical versus informational
Vulnerability assessment
Best practices
Critical versus informational
Vulnerability assessment
Best practices
A vulnerability is   a weakness or flaw in your website or network. Vulnerabilities can be exploited   to damage or compromise customer and other sensitive data, or your site. If your   site were a house, a vulnerability would be an open window or door. To protect   your house, you'd lock that window or door. Websites and networks have analogous   entry points, as well as ways to seal off those entry points for greater   protection.
  
While not   inherently dangerous, a critical vulnerability leaves your site exposed to   serious breaches. For example, someone could gain access to sensitive data,   alter your site's appearance or function, or infect your visitors' systems. How   critical a particular vulnerability is depends on two things:
1) How commonly exploited the entry point is,   and
2) How much damage a breach to that area could   cause.
For example, in a   house, doors and windows are more commonly exploited than floorboards and   chimneys. Similarly, some parts of a website or network are more commonly   exploited than others. Some areas also may contain especially confidential or   valuable data, so a breach of those parts would be more critical than a breach   of other parts.
When you activate   vulnerability assessment, we scan your website or network or both each week for   common entry points which, if breached, could threaten your online security. You   receive the results of the scan in a downloadable PDF report highlighting the   most critical vulnerabilities. Non-critical vulnerabilities are listed in the   section labeled "Informational."
You can activate   or deactivate vulnerability assessment from within your account. Once you   activate vulnerability assessment, your first PDF report should be available for   you to download within about 24 hours. After that, we'll run the scan weekly,   and generate each new report within about 24 hours of the scan.
Note:   Only the presence of critical vulnerabilities (not informational) will trigger   an alert in your console. Your report will be available for download each week   whether or not you have critical vulnerabilities.
When you are   logged into your account, you can set or change your email notification   preferences for vulnerability assessment. For example, you can choose to receive   notification emails only for critical vulnerabilities, each time a new report is   generated, or when we are unable to scan your site.  You can also choose   email recipients.
To help protect   against security breaches, it's recommend that you:
·           Activate the vulnerability assessment service.
·           If you already have a vulnerability scanning service, use   vulnerability assessment as a cross-check for your other scan's results. Scan   results can differ from company to company.
·           Designate someone in your organization to review each   report, and to have any critical vulnerabilities repaired as soon as possible. Set your email preferences to notify your designated person   when new reports are available.
·           After making repairs, rescan your site to verify the   repairs.
·           Read and follow the suggestions in the Malware Prevention   article below—they also apply to   vulnerability.

 








