Detections
Analytics

CSCv6|4.3

Title

Perform vulnerability scanning in authenticated mode.

Description

Perform vulnerability scanning in authenticated mode either with agents running locally on each end system to analyze the security configuration or with remote scanners that are given administrative rights on the system being tested. Use a dedicated account for authenticated vulnerability scans, which should not be used for any other administrative activities and should be tied to specific machines at specific IP addresses. Ensure that only authorized employees have access to the vulnerability management user interface and that roles are applied to each user.

Reference Item Details

Category: Continuous Vulnerability Assessment and Remediation

Family: System

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.4 Ensure no root user account access key exists - 'Access Key 1'amazon_awsCIS Amazon Web Services Foundations L1 1.3.0
1.4 Ensure no root user account access key exists - 'Access Key 2'amazon_awsCIS Amazon Web Services Foundations L1 1.3.0