You can use an authenticated scan to test vulnerabilities on devices by checking the operating system, installed software, and operating system patches. Authenticated scans will also lower the percentage of false positives since it allows the scanner direct access using SSH or RDP. To see which operating system patches are missing, and which third-party applications are installed, you must provide access to the registry by way of the Remote Registry Service in Windows.
To add authentication to an existing or new scan, do the following:
- Log in to beSECURE.
- In the upper-left corner of the Home page, select DevOps.
- Select Scans > Scan List.
- Select an existing scan or select the New
button to create a new scan. - Under the Settings tab, select the Authentication tab.
- In the Stored Credentials box, select the credentials to use with the scan, or add new credentials by populating the Windows Username, Windows Password, Windows Domain, and SSH Authentication parameters. Note: When adding a new SSH Host, leave the Port box empty to use port 22.
- Select Modify to save your changes.
For information on troubleshooting authenticated scans, see Troubleshooting Problems with Authenticated Scans.
For information on storing credentials, see What credential storage options are available?