![]() ![]() The difference in scan results almost speaks for itself. The results of a credentialed scan of the same machine identified 19 vulnerabilities. Similarly, an un-credentialed scan of an out-of-date Ubuntu 16.04 LTS machine resulted in a few informational items, but no vulnerabilities, being identified. Conversely, a credentialed scan of the same system identified over 215 vulnerabilities. ![]() ![]() As an example, a test of an un-credentialed Nessus scan of a partially patched Windows 7 virtual workstation resulted in 20 vulnerabilities being identified and the operating system being misidentified as Windows XP. The BenefitsĬredentialed scanning provides more accurate scanning to better identify weak configurations, missing patches and similar vulnerabilities, which in turn further strengthens the security program (or at least provides insight on where improvements are needed). On a Linux system, the credentials (user ID and password or SSH key) are typically for a user with rights to query operating system files and details. On a Windows system, the credentials (user ID and password) are typically for a domain user with rights to log in to administrative file shares, remote registry services and similar Windows services. Vulnerability scan tools allow the user to insert credentials that the scanner will use to log in during testing. While there are many reasons to perform credentialed scans, it’s important to first understand a bit more about credentialed scanning to determine if credentialed scans are right for your organization. This enhanced understanding is what credentialed scanning brings to the table. It can be generally useful, but much more information can be gathered in person since tests can be performed that will yield more accurate results and diagnoses. To give you an analogy, traditional un-credentialed scanning would be like a doctor diagnosing you over the phone. Performing credentialed scanning allows you to take a deeper look at your systems from a security standpoint than un-credentialed scanning. Ideally, you would have more insight into vulnerabilities and potential means of exploitation in your environment than your adversaries (i.e., attackers) would. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |