Traditional Active Scans (Credentialed)

A traditional active credentialed scan, also known as an authenticated scan, provides a deeper insight than a non-credentialed scan. The scan uses credentials to log into systems and applications and can provide a definitive list of required patches and misconfigurations.

Because a credentialed scan looks directly at the installed software, including at the version numbers, it can assess items such as:

• Identifying vulnerabilities in the software.
• Evaluating password policies.
• Enumerating USB devices.
• Checking anti-virus software configurations.

It performs all these tasks with minimal to no impact on the device.

Benefits

• Consumes far fewer resources than non-credentialed scanning because the scan executes on hosts themselves rather than across the network.
• Non-disruptive; that is, does not have a negative effect on the network, device, or application you are testing.
• Provides more accurate results—a complete enumeration of software and patches installed on the host.
• Uncovers client-side software vulnerabilities.

Limitations

• Requires credentials management for each scanned host.
  • Large organizations can potentially struggle with creating service accounts with the proper rights and access needed to safely conduct a credentialed scan.
  • Password rotation requirements can add to management complexity.
  Note: Tenable integrates with leading password vaults and password managers to alleviate this limitation for traditional active credentialed scanning.

• Misses transient devices that are not always connected to the network.