{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T05:38:04Z","timestamp":1773207484264,"version":"3.50.1"},"reference-count":29,"publisher":"MDPI AG","issue":"5","license":[{"start":{"date-parts":[[2024,2,24]],"date-time":"2024-02-24T00:00:00Z","timestamp":1708732800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Electronics"],"abstract":"<jats:p>Cybersecurity failures have become increasingly detrimental to organizations worldwide, impacting their finances, operations, and reputation. This issue is worsened by the scarcity of cybersecurity professionals. Moreover, the specialization required for cybersecurity expertise is both costly and time-consuming. In light of these challenges, this study has concentrated on automating cybersecurity processes, particularly those pertaining to continuous vulnerability detection. A cybersecurity vulnerability scanner was developed, which is freely available to the community and does not necessitate any prior expertise from the operator. The effectiveness of this tool was evaluated by IT companies and systems engineers, some of whom had no background in cybersecurity. The findings indicate that the scanner proved to be efficient, precise, and easy to use. It assisted the operators in safeguarding their systems in an automated fashion, as part of their security audit strategy.<\/jats:p>","DOI":"10.3390\/electronics13050873","type":"journal-article","created":{"date-parts":[[2024,2,26]],"date-time":"2024-02-26T11:31:21Z","timestamp":1708947081000},"page":"873","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Automation of System Security Vulnerabilities Detection Using Open-Source Software"],"prefix":"10.3390","volume":"13","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-3348-5660","authenticated-orcid":false,"given":"Jo\u00e3o","family":"Seara","sequence":"first","affiliation":[{"name":"Information Sciences, Technologies and Architecture Research Center (ISTAR), Lisbon University Institute (ISCTE-IUL), 1600-189 Lisbon, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4847-2432","authenticated-orcid":false,"given":"Carlos","family":"Serr\u00e3o","sequence":"additional","affiliation":[{"name":"Information Sciences, Technologies and Architecture Research Center (ISTAR), Lisbon University Institute (ISCTE-IUL), 1600-189 Lisbon, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2024,2,24]]},"reference":[{"key":"ref_1","unstructured":"Check Point Blog (2024, February 02). Check Point Research: Third Quarter of 2022 Reveals Increase in Cyberattacks and Unexpected Developments in Global Trends. checkpoint.com. Available online: https:\/\/blog.checkpoint.com\/2022\/10\/26\/third-quarter-of-2022-reveals-increase-in-cyberattacks\/."},{"key":"ref_2","unstructured":"IBM (2023). Cost of a Data Breach Report, IBM."},{"key":"ref_3","unstructured":"Morgan, S. (2024, February 02). Cybercrime To Cost The World $10.5 Trillion Annually By 2025. cybersecurityventures.com. Available online: https:\/\/cybersecurityventures.com\/hackerpocalypse-cybercrime-report-2016\/."},{"key":"ref_4","first-page":"5","article-title":"Can\u2019t get the staff? The growing need for cyber-security skills","volume":"2017","author":"Furnell","year":"2017","journal-title":"Comput. Fraud. Secur."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"102080","DOI":"10.1016\/j.cose.2020.102080","article-title":"The cybersecurity workforce and skills","volume":"100","author":"Furnell","year":"2021","journal-title":"Comput. Fraud. Secur."},{"key":"ref_6","unstructured":"Russu, C. (2024, February 02). The Impact of Low Cyber Security on the Development of Poor Nations. developmentaid.org. Available online: https:\/\/www.developmentaid.org\/news-stream\/post\/149553\/low-cyber-security-and-development-of-poor-nations."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1016\/S1361-3723(18)30073-3","article-title":"The intelligent solution: Automation, the skills shortage and cyber-security","volume":"2018","author":"Smith","year":"2018","journal-title":"Comput. Fraud. Secur."},{"key":"ref_8","unstructured":"Ko, R.K.L. (2020). Cyber Autonomy: Automating the Hacker\u2014Self-healing, self-adaptive, automatic cyber defense systems and their impact to the industry, society and national security. arXiv."},{"key":"ref_9","unstructured":"Deascona (2024, February 02). How ChatGPT Will Revolutionize the Cyber Security Industry. uxdesign.cc. Available online: https:\/\/bootcamp.uxdesign.cc\/how-chat-gpt-will-revolutionize-the-cyber-security-industry-7847cc7fc24e."},{"key":"ref_10","unstructured":"Ponemon Institute (2022). The State of Vulnerability Management in DevSecOps, Ponemon Institute."},{"key":"ref_11","unstructured":"Anderson, J. (2024, February 02). Updates to ISO 27001\/27002 Raise the Bar on Application Security and Vulnerability Scanning. invict.com. Available online: https:\/\/www.invicti.com\/blog\/web-security\/iso-27001-27002-changes-in-2022-application-security-vulnerability-scanning\/."},{"key":"ref_12","unstructured":"Shea, S. (2024, February 02). SOAR (Security Orchestration, Automation and Response). techtarget.com. Available online: https:\/\/www.techtarget.com\/searchsecurity\/definition\/SOAR."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Liu, W. (2009, January 15\u201316). Design and Implement of Common Network Security Scanning System. Proceedings of the 2009 International Symposium on Intelligent Ubiquitous Computing and Education, Chengdu, China.","DOI":"10.1109\/IUCE.2009.24"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Shah, S., and Mehtre, B.M. (2014, January 8\u201310). An automated approach to Vulnerability Assessment and Penetration Testing using Net-Nirikshak 1.0. Proceedings of the 2014 IEEE International Conference on Advanced Communications, Control and Computing Technologies, Ramanathapuram, India.","DOI":"10.1109\/ICACCCT.2014.7019182"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Wang, Y., Bai, Y., Li, L., Chen, X., and Chen, A. (2020, January 12\u201314). Design of Network Vulnerability Scanning System Based on NVTs. Proceedings of the 2020 IEEE 5th Information Technology and Mechatronics Engineering Conference (ITOEC), Chongqing, China.","DOI":"10.1109\/ITOEC49072.2020.9141812"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Chen, H., Chen, J., Chen, J., Yin, S., Wu, Y., and Xu, J. (2020\u20131, January 29). An Automatic Vulnerability Scanner for Web Applications. Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Guangzhou, China.","DOI":"10.1109\/TrustCom50675.2020.00207"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Zhang, X., Zhao, J., Yang, F., Zhang, Q., Li, Z., Gong, B., Zhi, Y., and Zhang, X. (2019, January 11\u201313). An Automated Composite Scanning Tool with Multiple Vulnerabilities. Proceedings of the 2019 IEEE 3rd Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC), Chongqing, China.","DOI":"10.1109\/IMCEC46724.2019.8983828"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Wang, C., Liu, X., Zhou, X., Zhou, R., Lv, D., Lv, Q., Wang, M., and Zhou, Q. (2019, January 5\u20138). FalconEye: A High-Performance Distributed Security Scanning System. Proceedings of the 2019 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress (DASC\/PiCom\/CBDCom\/CyberSciTech), Fukuoka, Japan.","DOI":"10.1109\/DASC\/PiCom\/CBDCom\/CyberSciTech.2019.00059"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1016\/j.jnca.2008.04.007","article-title":"A lightweight web-based vulnerability scanner for small-scale computer network security assessment","volume":"32","author":"Davies","year":"2009","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Kals, S., Kirda, E., Kruegel, C., and Jovanovic, N. (2006, January 23\u201326). SecuBat: A web vulnerability scanner. Proceedings of the 15th International Conference on World Wide Web (WWW \u201906), Edinburgh, Scotland.","DOI":"10.1145\/1135777.1135817"},{"key":"ref_21","first-page":"38","article-title":"Web Vulnerability Finder (WVF): Automated Black-Box Web Vulnerability Scanner","volume":"12","author":"Noman","year":"2020","journal-title":"Int. J. Inf. Technol. Comput. Sci."},{"key":"ref_22","unstructured":"Haydock, W. (2024, February 02). But Is It Exploitable? deploy-securely.com. Available online: https:\/\/www.blog.deploy-securely.com\/p\/but-is-it-exploitable."},{"key":"ref_23","unstructured":"Lyon, G.F. (2008). Nmap Network Scanning; The Official Nmap Project Guide to Network Discovery and Security Scanning, Insecure Press. Available online: https:\/\/nmap.org\/book\/toc.html."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Chalvatzis, I., Karras, D.A., and Papademetriou, R.C. (2019, January 29\u201331). Evaluation of Security Vulnerability Scanners for Small and Medium Enterprises Business Networks Resilience towards Risk Assessment. Proceedings of the 2019 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA), Dalian, China.","DOI":"10.1109\/ICAICA.2019.8873438"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Wang, Y., and Yang, J. (2017, January 27\u201329). Ethical Hacking and Network Defense: Choose Your Best Network Vulnerability Scanning Tool. Proceedings of the 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), Taipei, Taiwan.","DOI":"10.1109\/WAINA.2017.39"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Zulkarneev, I., and Kozlov, A. (2021, January 13\u201314). New Approaches of Multi-agent Vulnerability Scanning Process. Proceedings of the 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), Yekaterinburg, Russia.","DOI":"10.1109\/USBEREIT51232.2021.9455061"},{"key":"ref_27","unstructured":"Rockikz, A. (2024, February 02). How to Get Hardware and System Information in Python. thepythoncode.com. Available online: https:\/\/www.thepythoncode.com\/article\/get-hardware-system-information-python."},{"key":"ref_28","unstructured":"Waldvogel, B. (2024, February 02). Layer 2 Network Neighbourhood Discovery Tool. github.com. Available online: https:\/\/github.com\/bwaldvogel\/neighbourhood."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Elmrabit, N., Zhou, F., Li, F., and Zhou, H. (2020, January 15\u201319). Evaluation of Machine Learning Algorithms for Anomaly Detection. Proceedings of the 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Dublin, Ireland.","DOI":"10.1109\/CyberSecurity49315.2020.9138871"}],"container-title":["Electronics"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2079-9292\/13\/5\/873\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T14:04:17Z","timestamp":1760105057000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2079-9292\/13\/5\/873"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2,24]]},"references-count":29,"journal-issue":{"issue":"5","published-online":{"date-parts":[[2024,3]]}},"alternative-id":["electronics13050873"],"URL":"https:\/\/doi.org\/10.3390\/electronics13050873","relation":{},"ISSN":["2079-9292"],"issn-type":[{"value":"2079-9292","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,2,24]]}}}