Regardless of the approach, businesses must protect the integrity of their application and data by identifying potential attack vulnerabilities. Certain regulations and standards require periodic vulnerability assessments. A vulnerability assessment is an automated scan to determine the basic flaws in a system. They can be either network vulnerability, application vulnerability scanning, or a combination of both. The common factor here is that the scan is automated and generates a report of vulnerabilities or issues that may need to be addressed.