When an authenticated scan runs but doesn't generate the expected results (for example, missing MS bulletin vulnerabilities or third-party application-related vulnerability), it means that the authenticated scan didn't work. Another indicator for the failure may be the next text inside the report:

Do the following to make sure access to the registry is successful:

  1. Ensure the credentials in beSECURE are correct, including the Windows Domain name. The domain name can vary in length for each organization.
  2. Make sure the remote registry service is open on the target machine.
  3. Add the following DWORD to the registry of the target machine:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System - LocalAccountTokenFilterPolicy - DWORD - value:1