An authenticated assetAn IP-addressable host, including but not limited to network devices, virtual servers, and physical servers. scan verifies scanned IPs within an Asset Group and detects vulnerabilities. Log inLog in (verb): Process in which an individual gains access to a computer system after providing sufficient credentials to authenticate their unique identity. Login (noun): User credentials, typically a username and matching password. as administrator or rootHigh-level user account with full administrative privileges. to perform an authenticated scanAuthenticated scans are performed from inside the machine using a user account with appropriate privileges.. See Managing Credentials in USM Anywhere for further information.
Warning: Keep in mind that an authenticated scan may fail if the local mail exchanger, which applies to Linux hostsReference to a computer on a network., is enabled in the target asset.
|Operating System||Method and Credentials||Escalation|
|Linux, BSD, Solaris, or Mac OS X||SSHProgram to securely log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another through SCP. password or public keyCryptographic key that can be used by anyone to encrypt messages intended for a particular recipient, such that the encrypted messages can be deciphered only by using a second key that is known only to the recipient (the private key). authenticationProcess used to verify the identity of a user, user device, or other entity, usually through a username and password.||sudoA program for UNIX-like computer operating systems that allows users to run programs with the security privileges of another user, by default the superuser. or su|
|Cisco IOS||SSH password||enable password|
|Windows username and password through Windows Remote Management||None|
To run an authenticated asset scan from Asset Groups
- Navigate to ENVIRONMENT > ASSET GROUPS.
Click the blue chevron icon () located next to the asset groupname you want to scan, select Full Details, and then click Actions > Authenticated Scan.
Click the blue chevron icon () located next to the asset groupname you want to scan and select Authenticated Scan to directly start the asset group scan. If the option is not enabled, you will need to add a credential, see Managing Credentials in USM Anywhere.
Click Debug Log to download the zip file
- If you click the Debug Log button located in the asset group job row, the downloaded file will include one file per scanned asset.
- If you click the Debug Log button located in the individual asset results, the downloaded file will include the information for just that asset.
Important: Debug Logs are only available for 7 days after a scan. The link will be disabled after 7 days.
Note: You can see the vulnerabilities that the scan has found below the Vulnerabilities Events tab.