PRUEBA AHORA
Product Updates

Credentialed Scans: More Accuracy, More Security

3 min. read
15/11/2021
By Lucia Dochita
Credential_Scan_Blog_Image_Base_Featured
  • Remotely access credentialed devices instantly
  • Retrieve detailed and accurate device data automatically
  • Perform both credentialed and non-credentialed scans
  • Find more vulnerabilities in your network
  • Use non-credentialed scans for reliable compliance audits

What Is a Credentialed Scan?

A credentialed scan is a scan that uses login credentials on an asset it scans to get deeper access to the asset’s data. For Windows systems, this means login ID and password, for Linux systems you can also use an SSH key. This way a scanning tool can gain access to more detailed data like administrative files, registry services, and operating system files.

What is the Difference with a Non-Credentialed Scan?

A non-credentialed scan is a scan that does not use credentials to scan assets connected to a network. A non-credential scan only retrieves asset information that is exposed to the network and can thus be collected without logging into the asset. This is basic information like the name of the device or the operating system.

Why Use Credentialed Scanning over Non-Credentialed Scanning?

The advantages of credentialed vs non-credentialed scanning can hardly be overestimated. A credentialed scan identifies a multitude of detailed asset data compared to a non-credentialed scan, simply because it has deeper but still controlled access to the network assets. When keeping up with current security standards, a regular security center credentialed scan is simply indispensable. Lansweeper provides both types of scanning and combines it into an all-in-one solution for the most accurate results.

Are Credentialed Scans Safe?

While most sysadmins are hesitant to give network and system credentials out of fear of outages and security breaches, these concerns are unjustified. A credentialed scan is basically an automated administrator login that launches pre-determined requests and authorized queries. In other words, the sysadmin is in full control and decides the login credentials of the scanning tool him or herself. What’s more, with Lansweeper you get an additional layer of security by encrypting credentials before they are added to the database. At Lansweeper we take security very seriously.

What Are the Advantages of a Credentialed Scan?

Credentialed scans have some clear advantages:

  • They retrieve more detailed asset data
  • They are more accurate and can identify more vulnerabilities
  • They make compliance audits more reliable

The main advantage of credentialed scans is obviously that it increases your network security by giving you far more visibility of your assets. Visibility of your network is the first step to any security program. Credentialed scans are more accurate and result in better identification of failing configurations, missing patches, and other vulnerabilities. Lansweeper has the necessary scanning functionalities to provide you with 100% visibility of your IT estate and to help you secure your network in no time.

Creating and Mapping Scanning Credentials with Lansweeper

Your Lansweeper installation allows you to submit an unlimited number of scanning credentials. Scanning credentials are managed in the ScanningScanning Credentials section of the web console.

Scanning credentials must be created and then mapped, so Lansweeper knows when to use them. For instance, if you map a Windows credential to a domain, Lansweeper will try to use that credential for any Windows computer within that domain.

Linux, Mac, and Windows computers can be scanned locally as well with a scanning agent. Linux and Mac can be scanned with LsAgent, while Windows can be scanned with LsAgent. If you scan your computers exclusively with an agent, you do not need to submit computer scanning credentials.