Configuring scan credentials
Performing authenticated scans using credentials gives you access to more comprehensive assessments of your network and assets than unauthenticated scans would. Authenticated scans can check for software applications, packages, and verify patches. Assets in the scanned site use the credentials to authenticate the scan engine the same way they would an authorized user.
Topics in this section explain how to set up and test credentials for a site as well as shared scan credentials, which you can use in multiple sites. Certain authentication options, such as SSH public key and LM/NTLM hash, require additional steps, which are covered in related topics. You can also learn best practices for getting the most out of credentials, such as expanding authentication with elevated permissions.
Shared credentials vs. site-specific credentials
Two types of scan credentials can be created in the application, depending on the role or permissions of the user creating them:
- Shared credentials: Can be used across multiple sites.
- Site-specific credentials: Can be used only with the site they are configured for.
Credential Type | How to create this credential | Possible actions as Global Admin or user with Manage Site permissions | Possible actions as Site Owner |
---|---|---|---|
Shared | A Global Administrator or a user with Manage Site permissions on the Administration > Scans > Shared Credentials > Manage shared credentials for scans page. | Create, edit, or delete credentials, assign them to a site, or restrict them to an asset. Enable or disable the use of the credentials in any site. | Enable or disable the use of credentials in sites they have access to. |
Site-Specific | A Global Administrator or Site Owner in the configuration for a specific site. | Create, edit, delete, enable or disable in a specific site. | Create, edit, delete, enable or disable in a specific site. |
Credentials and the expert system
The application uses an expert system to chain multiple actions together to get the best results when scanning. For example, if Vulnerability Management (InsightVM) is able to use default configurations to get local access to an asset, it will trigger additional actions using that access. This means you may see scan results with deeper insights and vulnerabilities than expected with the credentials provided.
For example, if some scan targets cannot be accessed with the specified credentials but can be accessed with a default password, you will also see the results of those checks. This behavior is similar to the approach an attacker would take and enables the scanner to find vulnerabilities that other scanners may not. Learn more in our blog: Vulnerability Management and Expert Systems.
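The chaining described above is a forward-chaining rule engine: each successful action adds facts about the asset, and any rule whose preconditions are now satisfied fires next. The following Python model is an added illustration written for this page, not InsightVM code; the rule names, fact names and the constructed target records are assumptions chosen to mirror the behavior described (credentials or a default-configuration check yield local access, which in turn unlocks package enumeration and patch verification).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """One expert-system rule: when every fact in `requires` is known, add `produces`."""
    name: str
    requires: frozenset
    produces: frozenset

# Hypothetical rule base modelling the chaining the page describes.
# Facts are plain strings; "finding:*" facts represent reported results.
RULES = [
    Rule("authenticate-with-site-credentials",
         frozenset({"reachable", "credentials_configured", "credentials_valid"}),
         frozenset({"local_access"})),
    # Result of the scanner's own default-configuration check (an input fact here,
    # no credential values are modelled). Access obtained this way is itself a finding.
    Rule("authenticate-with-default-configuration",
         frozenset({"reachable", "default_config_access"}),
         frozenset({"local_access", "finding:default-configuration"})),
    Rule("enumerate-packages",
         frozenset({"local_access"}),
         frozenset({"package_inventory"})),
    Rule("verify-patches",
         frozenset({"package_inventory"}),
         frozenset({"patch_status"})),
    Rule("unauthenticated-service-checks",
         frozenset({"reachable"}),
         frozenset({"service_findings"})),
]

def forward_chain(initial_facts, rules=RULES):
    """Fire rules until no new facts appear. Returns (facts, rules fired in order)."""
    facts = set(initial_facts)
    fired = []
    changed = True
    while changed:
        changed = False
        for rule in rules:
            if rule.name in fired:
                continue  # each action runs at most once per asset
            if rule.requires <= facts:
                facts |= rule.produces
                fired.append(rule.name)
                changed = True
    return facts, fired

def scan_plan(target):
    """Build the initial fact set from a constructed target record and run the engine.

    `target` maps fact names to booleans, e.g. {"reachable": True, "credentials_valid": True}.
    """
    initial = {name for name, present in target.items() if present}
    return forward_chain(initial)

if __name__ == "__main__":
    # Constructed sample targets, not real assets.
    samples = {
        "valid credentials": {"reachable": True, "credentials_configured": True, "credentials_valid": True},
        "bad credentials, default config": {"reachable": True, "credentials_configured": True,
                                            "credentials_valid": False, "default_config_access": True},
        "bad credentials only": {"reachable": True, "credentials_configured": True, "credentials_valid": False},
    }
    for label, target in samples.items():
        facts, fired = scan_plan(target)
        print(f"{label}: fired={fired}")
        print(f"  findings/facts={sorted(facts)}")
```

Running the block shows why results can exceed what the supplied credentials alone would produce: the second sample never authenticates with the configured credentials, yet `verify-patches` still fires because the default-configuration check granted `local_access`, and the engine also records that access as its own finding.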