Tracking Scan Authentication Failures

IT systems change all the time. New applications are added, configurations are changed, permissions get revised – the list goes on and on. In some cases, the changes end up restricting access to the system. For example, user accounts are removed, access is revoked, account credentials change or expire, leading to unexpected authentication failures and lockouts. And when the credentials fail, applications that depend on them fail, too. When the application that ends up failing is a vulnerability scanner (such as Nessus), it could significantly impact an organization. Most organizations run vulnerability scans on a weekly or a monthly schedule, so a missed scan (due to authentication failure) could result in missed vulnerabilities, leaving systems within an organization exposed to those vulnerabilities for weeks, if not months, before the failures are identified and rectified. To help our customers identify such failures earlier and resolve issues sooner, we recently released a new plugin, which consolidates authentication failures across various protocols and reports them in a single plugin. The plugin runs toward the end of a scan and collects results from the entire scan to provide a consolidated report. The plugin needs to be enabled in the scan policy...
Read more