Why is Symantec scanning my website for vulnerabilities? A little about Vulnerability Assessment

book

Article ID: 158028

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Why is Symantec scanning my website for vulnerabilities? 

Resolution

Symantec offers an opt-in service called Norton Trust Services that provides a vulnerability assessment service for websites. The websites in question that have opted in are given the option to add a Norton Secured Seal to their website showing they are a part of this service. 

 

Vulnerability Assessment Service uses the following IP addresses and server names:
•    VBLADEAF001  46.4.95.23  (scan1.ws.symantec.com)
•    VBLADEAF002  46.4.85.9  (scan2.ws.symantec.com)
•    VBLADEAF003  46.4.85.14  (scan3.ws.symantec.com)
•    VBLADEAF004  46.4.94.227  (scan4.ws.symantec.com)
•    VBLADEAF005  46.4.94.230  (scan5.ws.symantec.com)
•    VBLADEAF006  46.4.94.239  (scan6.ws.symantec.com)
•    VBLADEAF007  67.192.122.132  (scan7.ws.symantec.com)
•    VBLADEAF008  204.232.241.139  (scan8.ws.symantec.com)
•    VBLADEAF009  46.4.94.143  (scan9.ws.symantec.com)
•    VBLADEAF010 5.9.77.176  (scan10.ws.symantec.com)
 
For more information see: Vulnerability Assessment Key Services and Features

Additional details can be found in the Connect article Why am I getting IDS alerts on vulnerability scans from Symantec?