Many organizations perform little or no regular testing on the adequacy of the security controls governing their network and Internet-facing Web site applications. Failure to periodically run internal and external network scans to identify weaknesses can prove costly when back doors are left open to hackers and malicious code. Organizations may be protected at a given moment, but new vulnerabilities appear daily, which is why networks should be consistently patched and hardened. According to the