A vulnerability scan is an inspection of a computer workstation, server, or network to identify susceptible points of exploit or security holes. A vulnerability scan detects and categorizes IT infrastructure weaknesses through use of automated and manual scanning tools such as Assured Compliance Assessment Solution (ACAS) and the DoD Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs). A vulnerability scan can be performed by an organization’s IT department or a third-party cybersecurity service provider. Vulnerability scans are wide scope in nature and are focused primarily to identify potential weaknesses by identifying missing patches and unsafe system configuration such as registry, and group policy settings. Vulnerability scanning is ongoing cycle of continuous system inspections and not a single event.