Networks and network devices are often attacked by various parties. For example, an attacker may attack a company's network to try to obtain company private information or obtain personal information on individuals, such as credit card information or account number information associated with the company's customers or employees. Alternatively, an attacker may try to overload a network's capacity to attempt to shut down a company's web server or network. As a result, companies are spending more time and money analyzing their networks to attempt to identify vulnerabilities of their networks.
One problem with attempting to identify network vulnerabilities is that it is often a very time consuming process. For example, a network engineer or other party typically must analyze each network device individually to identify a most likely attack point. The network engineer may then report the identified vulnerability to another party in the company who may be responsible for taking action to mitigate the risk of attack. Such a process is particularly time consuming and costly.
In addition, when a network is dynamically changing, it becomes even more difficult to identify vulnerabilities in the network. For example, when new network devices are added to the network, tracking the new network devices, identifying parties responsible for assessing the vulnerabilities associated with the new devices and reducing the potential risk associated with the vulnerabilities becomes even more time consuming and costly.