Why Use Host Authentication?

1 - Add authentication records for your host technologies. Go to Scans > Authentication and create new records from the New menu. For each record you'll provide login credentials that our service will use to log in to each host at scan time. Each record is defined for a technology, like Windows, Unix, Oracle, etc and you can have multiple records per technology.

Did you know? For several server applications you can have authentication records created for you automatically. Learn about instance discovery and system authentication records

2 - Add authentication vaults, if applicable. We support integration with multiple third party password vaults. Go to Scans > Authentication > Vaults and tell us about your vault system. Then choose Authentication Vault in your record. At scan time, we'll authenticate to hosts using credentials retrieved from your vault.

Check the account requirementsCheck the account requirements

Who can create records?Who can create records?

For vulnerability scans you must enable authentication in an option profile and then select the profile at scan time. Go to Scans > Option Profiles. Edit an option profile (or create a new one), go to the Scan section and select each type of authentication you want to use.

Want to test authentication? Select "Enable authentication testing" in your option profile. Then run a scan using this profile to identify issues with authentication credentials before running a full scan.

Before you begin be sure the IPs you want to scan are already defined in your records.

To start your scan go to Scans > New > Scan (or Scheduled Scan) and enter your scan settings.

For a vulnerability scan, make sure you select the option profile that you've enabled with authentication.

We recommend you verify that authentication was successful after your authenticated scans finish. Be sure to resolve authentication failures before the next scan.

How to verify authentication for your scans

How to run the Authentication Report

Use the Credentials Breakdown to quickly filter your records list to show:

- Credentials that have not been attempted in the last 30 days (Unused)

- Credentials that were successful 100% of the time (Passing)

- Credentials that were not successful for some of the hosts in the record (Problematic)

- Credentials that were not successful for more than 50% of the hosts in the record (Failing)

- Credentials stored in a password vault (In Vault)

Tip - You can also search for records by type, network, title, IP address and vault type.

Drill down into record details to see pass/fail authentication status for your scanned hosts. The Updated column shows you when each host was last scanned using authentication - this is when the status was last updated.

Pass - Authentication to the host was successful.

Fail - Authentication to the host was not successful. Please refer to the Cause column for more information like the credentials used in the authentication attempt.

Not Attempted - Authentication to the host was not used (not counted as pass or fail). Perhaps you've never scanned the host using authentication or you did but the host scan data was purged. Please note - If you're in VM, we're looking at vulnerability scan data. If you're in PC, we're looking at compliance scan data. Let's say you scanned a host in PC using authentication but you didn't scan it in VM using authentication. You'll see a Pass/Fail status in PC and Not Attempted in VM.