-
Click here to register for a live workshop
-
Click here to watch a recording of this workshop
InsightVM - Reviewing Vulnerability Findings and Using Credentials
Understand your scan results and eliminate confusion when reviewing vulnerability findings
Eliminate confusion around your vulnerability findings by:
- Learning why credentials are critical for accurate vulnerability findings
- If the Insight Agent is not installed on a target, the scan engine needs creds to access the file system for vulnerability checking
- Adding or enabling credentials in your scan configurations
- Ideally you have configured *shared* global credentials for simplified administration
- Credentials need correct level of access and permissions
- Reviewing scan results to understand why vulnerabilities were detected
- Asset fingerprint certainty must show a "1" to confirm scan engine was able to authenticate fully
- Vulnerability proof section will explain why the vuln was flagged
Desired Outcome:
Ensure security team members and sys admins are clear on why vulnerabilities were discovered, and how to make necessary scan config changes to improve results moving forward.
*This workshop is applicable for Nexpose customers