TOC & Recently Viewed

Recently Viewed Topics

Traditional Active Scans (Non-credentialed)

A traditional active non-credentialed scan, also known as an unauthenticated scan, is a common method for assessing the security of systems without system privileges. Non-credentialed scans enumerate ports, protocols, and services that are exposed on a host and identifies vulnerabilities and misconfigurations that could allow an attacker to compromise your network.

Benefits

  • Ideal for large-scale assessments in traditional enterprise environments.
  • Discovers vulnerabilities that an outside attacker can use to compromise your network (provides a malicious adversary's point of view).
  • Runs network-based plugins that an agent is restricted from performing.
  • Can perform targeted operations like the brute-forcing of credentials.

Limitations

  • Can be disruptive; that is, can sometimes have a negative effect on the network, device, or application being tested.
  • Misses client-side vulnerabilities such as detailed patch information.
  • Can miss transient devices that are not always connected to the network.

Copyright 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.