Credentials Configuration

The scan's Credentials configuration determines what credentials the Nessus scanners have for scanning your organization's assets. Giving your Nessus scanners credentials (referred to as credentialed scanning) allows you to scan a large network while also scanning for local exposures that require further credentials to access. You can assign credentials to your scanners at two different levels: individual scans or scan templates.

In general, giving your scanners more credentials allows them to authenticate more assets, but this ultimately depends on the scan targets and your environment. However, the scan may take longer to complete.

Fully credentialed scans may take longer to complete. However, this depends on other scan configurations and the targets being assessed. In general, fully credentialed scans are preferred, as they create less network overhead and up to ten times more information is returned to help with risk identification and prioritization.

Credentials need to have proper privileges to work (for more information, see Nessus Credentialed Checks). You may also want to provide additional security controls for credential management (for more information, see the How to Protect Scanning Credentials: Overview blog article).

For more information about Nessus scan credential settings, see Credentials.