Enable Windows Logins for Local and Remote Audits

The most important aspect of Windows credentials is that the account used to perform the checks needs privileges to access all required files and registry entries which, in many cases, means administrative privileges. If Nessus is not provided the credentials for an administrative account, at best, it can be used to perform registry checks for the patches. While this is still a valid method to determine whether a patch is installed, it is incompatible with some third party patch management tools that may neglect to set the key in the policy. If Nessus has administrative privileges, it will check the version of the dynamic-link library (.dll) on the remote host, which is considerably more accurate.

The bullets below describe how to configure a domain or local account to use for Windows credentialed checks, depending on your needs.

Configure Windows

Once an appropriate account is created for credentialed checks, there are several Windows configuration options that must be enabled or disabled before scanning (for more information, see Credentialed Checks on Windows):