Performing Vulnerability Scans

Role Availability Read-Only Investigator Analyst Manager

In USM Anywhere you can run:

Note: See USM Anywhere Scans Best Practices for more information.

Commands Used in Authenticated Scans

When you run an authenticated scan in USM Anywhere, there are multiple commands executing at the same time. These commands change constantly and there are new definitions released every day. You can also verify which commands have been executing at any given moment.

Running an Asset Scan from Vulnerabilities

  1. Go to Environment > Vulnerabilities.
  2. Click New Scan.

    The Authenticated Asset Scan dialog box opens.

    Authenticated Asset Scan Dialog Box

  3. Select the assets you want to scan:
  4. Click Next.

    A new Authenticated Asset Scan dialog box opens.

    Authenticated Asset Scan Dialog Box

  5. Click Assign Credentials for assigning credentials to the assets and devices you want to scan. Click Create New Credentials for creating a credential. See Managing Credentials in USM Anywhere for more information.
  6. Click Select Another Target if you want to come back.
  7. You can select the targets to scan if you have more than one.
  8. Click Start Scan.
  9. The scan starts. Depending on the selected asset, the scan can last several minutes. When the scan finishes, you can see the status and if the scan found vulnerabilities. If you want to view the results of your scan, you need to go to the asset details page. See Viewing Assets Details for more information.

  10. Click Continue Scanning And Close.
  11. While the scan is running, a Scanning button shows. When the scan finishes, the message Scan finished. Refresh to view scan results displays.

  12. Click Refresh Scan Results to update the list.