A flaw in any system can eat the company from the inside without you even knowing, and by the time the signs appear, it is too late. An authenticated vulnerability scan, however, helps detect such flaws in time, protecting businesses and organizations from internal and external threats. While the benefits are self-evident, many companies still fail to adopt this methodology, and those that do often fail to use its full potential.
Leaving the former aside for now, we focus on the steps security teams and practicing companies can take to get the most from authenticated vulnerability scans.
Knowing your needs
You must know which systems you want to scan with authentication. These may include systems running a particular operating system or a reserved set of computers. Also consider network hosts, databases, relevant web applications and anything else that requires or allows authentication over protocols such as FTP, SSH and Telnet. Authenticated scanning is widely used by hackers and malicious users, so it is a must for you to use it as well.
Determining what levels are to be scanned
You can determine the different user-level roles for scanning, such as basic, managerial and administrative. While you can choose any, it is highly recommended that at a minimum you scan at the administrative and root level, since doing so will reveal most of the flaws. Of course, the more user levels you scan, the more flaws are likely to appear. We suggest that you continue to the point where results no longer vary by permission level. Beyond that, it depends on your preferences and needs.
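One way to apply the stopping rule above (keep adding credential tiers until results stop varying by permission level, while always keeping the recommended admin and root tiers), as an added example that is not part of the original article. The tier names, host names and findings are constructed sample data, not output from any real scanner.

```python
"""Decide how many credential tiers an authenticated scan needs: add tiers from
least to most privilege until a tier surfaces no finding the earlier tiers had
not already found, while always keeping the admin/root tiers recommended as
the minimum. Constructed data; not real scanner output."""
from typing import Dict, Set, Tuple

Finding = Tuple[str, str]  # (host, check id); the same issue on two hosts counts twice

# Constructed sample findings per scan credential tier (not real scan results).
SAMPLE_RESULTS: Dict[str, Set[Finding]] = {
    "basic":   {("web01", "outdated-openssl"), ("db01", "weak-ssh-ciphers")},
    "manager": {("web01", "outdated-openssl"), ("db01", "weak-ssh-ciphers"),
                ("web01", "world-writable-config")},
    "admin":   {("web01", "outdated-openssl"), ("db01", "weak-ssh-ciphers"),
                ("web01", "world-writable-config"), ("db01", "plaintext-db-credentials")},
    "root":    {("web01", "outdated-openssl"), ("db01", "weak-ssh-ciphers"),
                ("web01", "world-writable-config"), ("db01", "plaintext-db-credentials")},
}
TIER_ORDER = ["basic", "manager", "admin", "root"]   # least to most privilege
MINIMUM_TIERS = {"admin", "root"}                    # always scan these


def coverage_by_tier(results, order):
    """For each tier in order, return (tier, findings new at this tier, cumulative total)."""
    seen: Set[Finding] = set()
    report = []
    for tier in order:
        new = results[tier] - seen
        seen |= results[tier]
        report.append((tier, len(new), len(seen)))
    return report


def tiers_to_keep(results, order, minimum=MINIMUM_TIERS):
    """Tiers worth scanning: every tier that added findings, plus the required minimum."""
    keep = []
    for tier, new, _ in coverage_by_tier(results, order):
        if new > 0 or tier in minimum:
            keep.append(tier)
    return keep


def findings_saturated(results, order):
    """True when the highest-privilege tier adds nothing beyond the earlier tiers,
    i.e. results no longer vary by permission level."""
    return coverage_by_tier(results, order)[-1][1] == 0


if __name__ == "__main__":
    for tier, new, total in coverage_by_tier(SAMPLE_RESULTS, TIER_ORDER):
        print(f"{tier:8s} new={new} cumulative={total}")
    print("keep:", tiers_to_keep(SAMPLE_RESULTS, TIER_ORDER))
    print("saturated:", findings_saturated(SAMPLE_RESULTS, TIER_ORDER))
```

With the sample data, root adds nothing beyond admin, so the scan has saturated and no further tier is worth adding.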
Test on a few systems before opting for enterprise-wide scanning
Although authenticated scans of network hosts hardly ever cause problems, the same cannot be said of production environments, especially when scanning web applications. Either way, it is advisable not to take risks no matter what you are scanning, and to test the scanning process on a few systems first. At times you may see side effects: user accounts may get locked out, databases may fill up, CPU and disk consumption may rise, and so on. Testing beforehand lets you evaluate the side effects that would otherwise spread to every system once you start scanning them all.
Setting up user accounts for scanning beforehand
This may not seem very important, but it can save you a lot of time and unwanted hassle. If you set the accounts up beforehand, the scanner will log in without being prompted to change the password. If you don't, the scanner will not be able to change the password on its own; as a result, authentication will fail and you will eventually have to run the scan again.