UK government security center, i100 publish NMAP scripts for vulnerability scanning

The UK’s National Cyber Security Center (NCSC) has released NMAP scripts to help defenders search for specific vulnerabilities in their networks. 

On January 25, the NCSC said the trial project is a joint effort between the cybersecurity guidance organization and the Industry 100 (i100).

i100 is a cohort of public and private sector companies working with the NCSC to “bring industry and government expertise together in a way that helps us all learn lessons, identify systemic vulnerabilities and reduce the future impact of cyberattacks.”

The project is called Scanning Made Easy (SME) and is a collection of NMAP Scripting Engine (NSE) scripts developed to tackle what NCSC calls a “frustrating” problem: the use of scripts that are not suitable, or necessarily safe, to run. 

“When a software vulnerability is disclosed, it is often easier to find proof-of-concept code to exploit it, than it is to find tools that will help defend your network,” the organization says. “To make matters worse, even when there is a scanning script available, it can be difficult to know if it is safe to run, let alone whether it returns valid scan results.”

The i100 and NCSC’s script package is based on the industry-standard NSE framework

Read More: