Importance of Authenticated vs Unauthenticated Vulnerability Scanning

Mannu Aggarwal
2 min read · Feb 7, 2025


In network & operating system VAPT, we have to assess the vulnerabilities on both the outer layer & the inner layers of the devices. That will give you 90% of the risk your organization is carrying in its day-to-day activity. The remaining 10% of risk will never be assessed, as there are tons of vulnerabilities which can't be detected by any vulnerability management tool. You should do a pentest assessment for that.

The outer layer usually includes the vulnerabilities of protocols, ports & running services, and scanning it detects cipher-related vulnerabilities as well.

Inner-layer, or in-depth, vulnerability scanning includes vulnerabilities due to vulnerable files, registries, local policies, permission settings & extra levels of access.

Definition:

Unauthenticated scan (outer layer):

  1. The scanner performs the assessment on the ports which are listed in the option profile.
  2. Based upon the open ports, Qualys will capture the services & versions which are running on those ports.
  3. Once all Qualys scan data is synced with the Qualys cloud platform, it will process the metadata & start mapping the vulnerabilities which can be related to vulnerable services.
  4. Most of the RCE & MITM vulnerabilities will be mapped to individual assets based upon the metadata.
  5. I will discuss the major differences & benefits later.

Authenticated scans (Inner layer):

  1. Qualys provides the authentication matrix for multiple technologies, like Microsoft OS, almost all Unix-based OSes, Cisco, VMware products, etc.
  2. Performing authenticated vulnerability scans requires some ports & services that assist in getting into the system, like SMB, SSH, HTTP/HTTPS.
  3. This helps the Qualys scanner look for vulnerabilities inside the system & validate all types of vulnerabilities due to vulnerable files, registries, local policies, permission settings & extra levels of access.
  4. It is the major reason every security analyst suggests performing vulnerability scanning in an authenticated manner.
  5. The outcomes will be drastic: you will see how vulnerable your environment is, with risk you were not even aware of.
  6. In my experience, the vulnerability count will increase by at least 10 times over what you are seeing via your unauthenticated vulnerability scanning.
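
To make the outer-layer versus inner-layer gap concrete, here is an added example (not from the original post and not Qualys code): a Python script that compares the findings of an unauthenticated and an authenticated scan of the same hosts and lists what only the authenticated scan saw. The CSV columns, finding IDs, sample rows and the "verify credentials" heuristic are assumptions constructed for this illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export: one row per finding. Column names and finding IDs
# are hypothetical, not a real scanner's report format.
SAMPLE_CSV = """host,scan_type,finding_id,evidence
10.0.0.5,unauthenticated,F-100,service banner on tcp/22
10.0.0.5,authenticated,F-100,service banner on tcp/22
10.0.0.5,authenticated,F-201,vulnerable file version
10.0.0.5,authenticated,F-202,registry setting
10.0.0.5,authenticated,F-203,local policy
10.0.0.9,unauthenticated,F-110,weak cipher on tcp/443
10.0.0.9,unauthenticated,F-111,service version on tcp/445
10.0.0.9,authenticated,F-110,weak cipher on tcp/443
10.0.0.9,authenticated,F-111,service version on tcp/445
"""


def load_findings(text):
    """Return {host: {scan_type: set(finding_id)}} from the CSV export."""
    findings = defaultdict(lambda: defaultdict(set))
    for row in csv.DictReader(io.StringIO(text)):
        findings[row["host"]][row["scan_type"]].add(row["finding_id"])
    return findings


def compare_scans(findings):
    """Per host: findings only the authenticated scan saw, and the count ratio."""
    report = {}
    for host, by_type in sorted(findings.items()):
        outer, inner = by_type["unauthenticated"], by_type["authenticated"]
        inner_only = sorted(inner - outer)
        report[host] = {
            "outer_count": len(outer),
            "inner_count": len(inner),
            "inner_only": inner_only,
            "ratio": len(inner) / len(outer) if outer else None,
            # Heuristic (assumption): an authenticated scan that adds nothing
            # probably never logged in, so check the credentials for that host.
            "verify_credentials": not inner_only,
        }
    return report


if __name__ == "__main__":
    for host, row in compare_scans(load_findings(SAMPLE_CSV)).items():
        print(host, row)
```
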

I suggest preparing yourself & ensuring resource bandwidth in the organization, both for the team that manages vulnerabilities & for the infra teams that are going to remediate them.

Thank you, see you in the next problem.
