Scan Details Parameters
See below for details regarding each scan parameter:
Settings tab
Main tab
| Parameter | Description |
|---|---|
| Scan Name (required) | The name to use for the scan. |
| LSS (required) | The Local Scanning Server (LSS) to use with the scan. |
| Organization (required) | The beSECURE Organization to associate with the scan. |
| New Organization - Name | If you did not make a selection for the Organization parameter, you can create a new Organization to use with the scan by entering a name for it in this box. This parameter becomes available when the Organization parameter is set to New Organization. |
| New Organization - Parent Organization | If you did not make a selection for the Organization parameter, you can create a new Parent Organization to use with the scan by entering a name for it in this box. This parameter becomes available when the Organization parameter is set to New Organization. |
| Association(s) |
Assign Account Profile(s) to the Organization by clicking on each desired profile name in the Available box to move it to the Assigned box. Providing an Account Profile(s) with an association to an Organization provide each profile the ability to see the scan results without providing ownership on the Organization. This parameter becomes available when the Organization parameter is set to New Organization. |
| Contact Person (required) | The desired contact registered in your beSECURE account to receive email notifications regarding the scan (see the Notifications parameter under the Reporting tab for more information). This parameter becomes available when the Organization parameter is set to New Organization. |
| Hostname / IP Address Range (required) | The name or IP address range for the host to scan. Use the Import button to import a CSV file, or the Resolve button to resolve the host. NOTE: Hostnames/IP addresses provided must be unique for the specified Parent Organization, two different Scans assigned to the same organization should have no common target hosts. Use a comma or a new lines to separate different IPs or Hostnames. Use network dividers such has /8 (A-class) or /24 (C-class) to define subnets. Use '-' to define ranges (For the last digits only, i.e. 192.168.1.100-120). |
Authentication tab
| Parameter | Description |
|---|---|
| Stored Credentials | The credentials stored in your beSECURE account to use for Windows and SSH authentication. In the Store Credentials box, select credentials from the Credentials Storage section of your beSECURE account. To configure your Windows computer for authenticated scanning, see Authenticating a Windows Machine. |
| Windows Username | The Windows username to use to authenticate the scan on the target Windows machine(s). Enter a username in this parameter if credentials are not selected for the Stored Credentials parameter. |
| Windows Password | The Windows password of the username entered in the Windows Username parameter. Enter the password that corresponds with the Windows Username parameter if credentials are not selected for the Stored Credentials parameter. |
| Windows Domain | The Windows domain, domain admin, or server domain of the group for the target Window machine(s). Enter the domain that corresponds with the Windows Username parameter if credentials are not selected for the Stored Credentials parameter. |
| SSH Authentication | The SSH authentication for Linux/Unix OS to use with the scan. To add SSH Authentication, click Host List to select from existing hosts registered in your account, or click Add New Host to enter a Hostname and Port. |
Hostname / IP Address Range tab
| Parameter | Description |
|---|---|
| Include | The hostname(s) and/or IP address(es) range to include in the scan. Optionally, click Import to import a CSV file, or Resolve to resolve the host. |
| Exclude | The hostname(s) and/or IP address(es) range to exclude from the scan. Optionally, click Import to import a CSV file, or Resolve to resolve the host. |
Additional Settings tab
| Parameter | Description |
|---|---|
| Ping Host(s) | If selected (default), the scanner pings the hosts entered in the Port Range parameter and only scans the ports which answered. If this parameter is cleared, the scanner spends more time trying to reach each host until it gives up, therefore, increasing the scan duration. |
| Port Range | The range of ports to scan. |
| Full Port Range | If selected (cleared by default), enters the full port range (1- 65535) to the Port Range parameter to scan. |
| Exclude Ports | The ports to exclude from the scan. |
| Restrict testing to provided port range | If selected, restricts the scanner to only search for vulnerabilities in the range entered in the Port Range parameter; no other ports are scanned. |
| SNMP Community Name | The SNMP community name to use with the scan. An SNMP community string is a means of accessing statistics stored within a router or other device. It can be added when scanning routers and switches. |
| Scanning Profile | The Scanning Profile to use with the scan. A Scanning Profile allows you to decide to perform a "Complete" scan that include host discovery (host information) and a vulnerability check, or a "Host Information" scan which is only a Host Discovery. See Scanning Profiles to view or manage profiles. |
| Tests to Exclude | Specifies the tests to exclude from the scan. |
| Tests Excluded | Displays the all of the tests entered in the Tests to Exclude parameter. |
| Tests to Include | Specifies the tests to include with the scan. Included test override all the other tests. |
| Tests Included | Displays the all of the tests entered in the Tests to Include parameter. |
Scan Customization tab
| Parameter | Description |
|---|---|
| Banner-based checks | If selected (cleared by default), the scanner looks at the banners and reaches a conclusion about the vulnerable character of the machine, according to the information mentioned on the banner. IMPORTANT: It is not recommended to select this parameter as it may lead to false positives due to backporting actions, etc.
|
| Scan up to <#> Hosts in parallel | Specifies the number of hots to scan in parallel. |
| Compliance Template | Specifies a CIS benchmark to use with the scan. CIS benchmarks are configuration baselines and best practices for securely configuring a system. Each of the guidance recommendations references one or more CIS controls that were developed to help organizations improve their cyberdefense capabilities. |
| RTT Timeout | Specifies the RTT timeout in milliseconds. For Ping and Traceroute, this parameter measures the round trip time between sending the Ping packet and getting the ICMP packet back. For TCP connections it is quite similar; it measures the time sending a packet to getting the acknowledgment packet from the target host. |
| Use ICMP Echo | If selected (cleared by default), the scan uses the ICMP Echo protocol to run the ping. |
| Run ICMP Echo Unprivileged | If selected (cleared by default), allows an unprivileged user to run the IMCP Echo protocol as the ping option. |
| Use TCP SYN | If selected (cleared by default), uses the TCP Synchronize protocol with the scan. |
| Use TCP ACK | If selected (cleared by default), uses the TCP Acknowledge protocol with the scan. |
Device Collector (Optional) tab
| Parameter | Description |
|---|---|
| Collector Type | Specifies the type of collector to use with the scan. See Device Collector for more information on setting up a Device Collector in beSECURE. NOTE: Some collectors require additional parameters to be entered once selected. See the vendor's documentation for more information. |
| Last Log Entry | Displays the last change that happened in the scan score with regard to the collector specified in the Collector Type parameter. |
| URL | Displays the management URL of the collector specified in the Collector Type parameter. |
| Username | The username to authenticate with the collector specified in the Collector Type parameter. |
| Password | The corresponding password to use with the username specified in the Username parameter. |
| CIDRs | Specifies the Classless Inter-Domain Routing (CIDR) IP address(es) to use with the scan. |
Permissions tab
| Parameter | Description |
|---|---|
| Owned By | Specifies the Assigned Account Profiles that can edit the scan. |
Reporting tab
| Parameter | Description |
|---|---|
| Contact Person | The desired contact registered in your beSECURE account to receive reports and email notifications regarding the scan (see the Notifications parameter for more information). |
| Notifications | Specifies which real-time email notifications will be sent to the Account Profile selected in the Contact Person parameter whenever the Scan Starts, Scan Finishes, and/or Scan Result Change(s). All notifications are selected by default. |
| Customization Name |
Specifies the preconfigured report stored in your beSECURE account (if any) to use with the scan. |
| Report Name | The name of the report. |
| Format | Specifies if the report is generated in PDF or XML format. |
| Report Type | Specifies the type of report to send (Complete (full report), Filtered (results filtered by way of vulnerability name), or Differential (compares results from two different scans)). |
| PDF User Password | If the Format parameter is set to PDF, optionally enter a password to password-protect the PDF once it is generated. |
| Report Style | The style of report to generate. |
| Vulnerability Name | Specifies the vulnerability name to filter by for the report. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Risk | Specifies the number of High and Medium vulnerability per scan/per ports and services, etc. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Hostname / IP Address | The hostname(s) and/or IP address(es) to filter by for the report. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Service and Port | Specifies the service and port in which the vulnerabilities were detected to filter by for the report. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Test ID | The test ID to filter by for the report. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Category | Specifies the category the vulnerability. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Vulnerability Age | Specifies the age of the vulnerability since it was first detected in the system. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| CVSS Score | Specifies the CVSS score. Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| OS Type | Specifies the operating system to filter by for the report. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Asset Group | Specifies the group of assets to filter the report by. See Asset Groups for more information. This parameter is becomes enabled when the Report Type parameter is set to Filtered. |
| Show Persistent Vulnerabilities | If selected (cleared by default), displays the vulnerabilities that are recurrently seen over time either because they were not remediated or need remediation. This parameter is becomes enabled when the Report Type parameter is set to Differential. |
| Show New Vulnerabilities | If High, Medium, and/or Low are selected (cleared by default), displays new vulnerabilities detected in a scan relatively to the same scope scan at a earlier date, based on the severity levels selected. This parameter is becomes enabled when the Report Type parameter is set to Differential. |
| Show Remediated Vulnerabilities | If selected (cleared by default), displays all remediated vulnerabilities. This parameter is becomes enabled when the Report Type parameter is set to Differential. |
| Show Open Ports | If selected (cleared by default), displays all open ports. This parameter is becomes enabled when the Report Type parameter is set to Differential. |
Other tab
| Parameter | Description |
|---|---|
| Web Scans | Displays any associated web scans for the hostnames/IP addresses. |
| Network Discovery |
Displays which hostnames and/or IP addresses entered in the Hostname / IP Address Range (required) parameter on the Settings > Main tab are live before the scan is run. This allows you to know which IP addresses you should scan without consumption of your license. To perform a discovery manually, click Perform Discovery. Choose which hostnames/IP addresses to insert in your scan range. To export the discovered hostnames/IP addresses to an Excel file (.xlsx), click Export. You can find your exported file in your web browser's current save location. |
| Comment | Displays any custom comment entered by you. |