Device Discovery Scan: This is the least intrusive scan performed. It identifies hosts which are live and provides a list of discovered devices. Device Discovery Scan helps decide the assets to consider for scanning which assists in vulnerability management implementation and scan scheduling.
Port Scan: Identifies live hosts and uses TCP and UDP scans to check whether ports are open, closed, or filtered which could create a security gap that attackers can exploit.
Web App Scan: This scan checks for vulnerabilities in web servers and web applications, such as SQL injection, cross-site scripting, unpatched web server software, weak SSL ciphers, and other OWASP Top 10 vulnerabilities. It also enables file content checks. Authentication is recommended or required for some of the checks included in this policy.
File Content Search: Searches files on Microsoft Windows, Linus, and Macintosh devices looking for Personally Identifiable Information (PII) like credit card numbers or social security numbers. Authentication is required via valid credentials for the target system(s) to be scanned or audited. If scanning a Linux or Mac device, SSH must be enabled.
Anti-Virus Scan: Collect data regarding anti-virus software such as enabled, last scan date, definition file date, and other information useful in finding whether all assets are running anti-virus.
Application Scan: Generates a list of software installed on Microsoft Windows devices. Note that the software list is generated by enumerating the Uninstall key in the Windows registry, so only software which has been registered with the operating system during installation will be included. Software placed on the system without running an installer program is typically omitted. Authentication is required.
Windows Patch Audit: Checks for the latest Microsoft Windows patches, including Microsoft Patch Tuesday vulnerabilities. Since most of the checks for Windows patches require authentication, Windows domain authentication is recommended.
Windows OS Password Audit: Conducts password guess checks against Microsoft Windows devices using password guessing and password dictionary configuration options to help enforce good password security practices. Authentication is recommended to enumerate accounts.
Network Device Scan: Helps identify vulnerabilities in routers, switches, access point, and other network devices on both wired and wireless networks.
Cloud Asset Scan: To assist in scanning your cloud environment like Amazon Web Services (AWS) or Microsoft Azure, import instances from a chosen region into your scan jobs. These instances are resolved to their current IP addresses every time the scan runs, to ensure that the correct targets continue to be scanned even if their IP addresses change. There is also an option to include all newly-created instances in future scans, to ensure that the entire environment continues to be scanned as it expands over time.
Container Scan: Enumerates the running container of a Linux target which hosts Docker or Linux Container Runtime (LXC) and then lists them. Scan can also go further and run local vulnerability checks inside of each running container; each container will appear in the scan report as an additional host which was scanned with the container name as the host name to distinguish the vulnerabilities from those found on the host itself. Requires credentialed access.
Compliance Scan: Provides benchmarking for global compliance security requirements and risk management for these frameworks: PCI DSS external scan; PCI DSS internal scan; HIPAA, FISMA; HIPAA; NERC CIP; SOX; IAVA, and NESA. Completion results are categorized as Pass, Fail, and Incomplete. This scan generates a customized compliance report.
Windows Password Guess: Conducts password guess checks against Microsoft Windows targets using the password guess and password dictionary configuration options. Authentication is recommended to be able to enumerate accounts.
Operating System Password Guess: Compromised credentials are one of the primary techniques cyber criminals use to infiltrate organizations. This audit assesses default FTP passwords as well as dictionary-based password guessing via Telnet, SSH, and FTP. Authentication is recommended to ensure user account enumeration.
Add-On Benchmark
Configuration Assessment: Benchmark configuration against a baseline of known vulnerabilities tracked by standards bodies such as CIS, NIST, and DISA to detect misconfigured systems and identify security gaps caused by human error or even malicious insiders. In this SCAP scan, Windows Management Instrumentation (WMI) and Windows Remote Registry must be enabled on the targeted host device, so authorization is required. There is an additional charge for Configuration Assessment and its report.