Credentialed scans use valid credentials (usernames and passwords) to log into systems and perform the scan from "inside." This allows the scanner to access information that is not visible from the outside, such as:
βMissing patches: The scanner can check the installed software versions against known vulnerabilities and patch levels.
βMisconfigurations: The scanner can inspect configuration files, registry settings, and other internal settings to identify deviations from security best practices.
βSoftware inventory: The scanner can accurately list all installed software, including versions, which helps in identifying vulnerabilities associated with specific software.
Non-credentialed scans only see what is exposed through network ports. They can identify open ports, running services, and potentially some banner information, but they cannot access internal system information.
A) While credentialed scans can sometimes traverse internal networks more easily, they don't inherently bypass firewalls in the sense of ignoring firewall rules. They operate within the context of the provided credentials' permissions.
B) No vulnerability scanner, credentialed or not, can guarantee zero false positives. Manual verification is always a crucial step.
C) Credentialed scans are not directly tied to intrusion detection systems or threat intelligence feeds in the way described. While the information they provide can be used in conjunction with these systems, the scan itself is a separate process.