How to Verify Authentication for Your Scans

We recommend you verify authentication was successful for hosts that you've scanned. Be sure to resolve authentication failures before the next scan.

Check out the Authentication Report

Our Authentication Report tells you the pass/fail status for hosts that you've scanned. If authentication failed on a host we tell you the cause so you can resolve the issue.

How do I report on hosts scanned for vulnerabilities?How do I report on hosts scanned for vulnerabilities?

Go to VM/VMDR > Reports and select New > Authentication Report and run the report.

How do I report on hosts scanned for compliance?How do I report on hosts scanned for compliance?

Go to PA / PC > Reports and select New > Compliance Report > Authentication Report and run the report. Tip - If host authentication fails during a compliance scan we do not perform any control evaluation for the host.

Check out the Appendix in your Scan Results

For each scan we report authentication status in the Appendix section of the scan results. You'll see hosts that 1) passed authentication, 2) failed authentication, and 3) passed authentication but the login account had insufficient privileges.

You may notice data discrepancies in the number of assets successfully authenticated between the Summary and Appendix sections of the scan results. The total count in the Appendix section may be higher than that in the Summary section. This is because the Appendix section displays the number of assets authenticated based on instance-level segregation. The images below illustrate these data discrepancies:

Summary Section Count:

Scan results-summary section.

 

Appendix Section Count:

Scan results-Appendix section.

Want to investigate further? You can create vulnerability scan reports that include authentication status QIDs (Information Gathered). Learn more

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: September, 2025