When an authenticated scan runs but doesn't generate the expected results (for example, missing MS bulletin vulnerabilities or third-party application-related vulnerability), it means that the authenticated scan didn't work. Another indicator for the failure may be the next text inside the report:
Do the following to make sure access to the registry is successful:
- Ensure the credentials in beSECURE are correct, including the Windows Domain name. The domain name can vary in length for each organization.
- Make sure the remote registry service is open on the target machine.
- Add the following DWORD to the registry of the target machine:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System - LocalAccountTokenFilterPolicy - DWORD - value:1