TOC & Recently Viewed

Recently Viewed Topics

Traditional Active Scans (Credentialed)

A traditional active credentialed scan, also known as an authenticated scan, provides a deeper insight than a non-credentialed scan. The scan uses credentials to log into systems and applications and can provide a definitive list of required patches and misconfigurations.

Because a credentialed scan looks directly at the installed software, including at the version numbers, it can assess items such as:

  • Identifying vulnerabilities in the software.
  • Evaluating password policies.
  • Enumerating USB devices.
  • Checking anti-virus software configurations.

It performs all these tasks with minimal to no impact on the device.


  • Consumes far fewer resources than non-credentialed scanning because the scan executes on hosts themselves rather than across the network.
  • Non-disruptive in most cases; that is, does not have a negative effect on the network, device, or application being tested.
  • Provides more accurate results—a complete enumeration of software and patches installed on the host.
  • Uncovers client-side software vulnerabilities.


  • Requires credentials management for each scanned host.
    • Large organizations can potentially struggle with creating service accounts with the proper rights and access needed to safely conduct a credentialed scan.
    • Password rotation requirements can add to management complexity.

    Note: Tenable integrates with leading password vaults and password managers to alleviate this limiation for traditional active credentialed scanning.

  • Misses transient devices that are not always connected to the network.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.