Configure network vulnerability scans to scan target network assets on a specified network segment with no agent deployment required.
 |
ImportantThis is a "Pre-release" feature and is not considered an official release. Please
review the
Pre-release disclaimer
before using the feature.
|
To configure scans in Network Vulnerability Scanner, you need:
-
A deployed Service Gateway virtual appliance with the Network Vulnerability Scanner service version 1.1.0 or later installed
-
IP addresses or FQDNs for the target network segment for vulnerability and discovery scans or target assets for external attack surface scans
-
Authentication credentials for the target network assets for vulnerability scans
Available scan templates include:
-
-
Identifies live hosts, open ports, and basic system information within a network segment
-
Helps security teams map out their organization’s attack surface within the network and understand what assets are connected
-
Has a low impact on system resources
-
Does not require credentials
-
-
-
Conducts a deep security assessment by authenticating into network devices using valid credentials or by scanning network-accessible services with no authentication required
-
Identifies vulnerabilities like missing patches, user permission issues, misconfigurations, and outdated applications in authenticated scans
-
Identifies vulnerabilities in supported network-accessible services in unauthenticated scans
-
Supports SSH private keys or passwords, SNMPv2c, and SNMPv3 credentials for authenticated scans
-
You can configure and securely store authentication information for reuse in scans in the Credential Vault.
-
-
Does not require credentials for unauthenticated scans
-
-
-
Detects unexpected exposures and other vulnerabilities in internet-facing assets
-
Helps organizations understand their security posture from an external attacker's view
-
Focuses on public IPs, domains, and subdomains
-
Identifies misconfigurations, outdated software, and leaked services
-
Results from scans can be downloaded from Scan reports or viewed and managed in asset profile screens in Attack Surface
Discovery or on risk event lists in Threat and Exposure Management.You can find detected vulnerabilities and misconfigurations by filtering for Data source: Trend Vision One Network Vulnerability Scanner.