Credentialed Scans Versus Non-Credentialed Scans
Credentialed and non-credentialed scans (also referred to as authenticated and unauthenticated scans, respectively) are the two main categories of vulnerability scanning.
Non-credentialed scans, as the name suggests, do not log in to the systems they assess and get no trusted access to them. They see only what is reachable over the network: open ports, service banners and the responses to unauthenticated probes. That is an attacker's outside-in view, and it is useful both to a potential attacker and to a security professional trying to gauge risk from the outside, but it cannot inspect installed packages, local configuration or patch state, so it misses most vulnerabilities on a host. Because it infers versions from banners, it can also flag software whose fix was backported by the distribution while the advertised version number stayed the same. Non-credentialed scans therefore give a very incomplete picture of vulnerability exposure.
Credentialed scans, on the other hand, log in to each target with a supplied set of credentials and assess it from a trusted user's point of view, reading the installed-package inventory, configuration files and patch state directly rather than guessing from the outside. As a result they uncover many vulnerabilities that non-credentialed scans overlook. Because credentialed scans need privileged credentials on every target, those credentials are themselves a high-value secret and should be handled like any other privileged account: organizations should integrate an automated privileged password management tool with the vulnerability scanner so that scan credentials are checked out at scan time and rotated afterwards instead of being stored statically and allowed to grow stale, and should grant the scan account only the privileges the checks actually require.
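The difference between the two views described above, as an added example that is not part of the original article: a toy host is assessed twice, once from service banners alone (what a non-credentialed scan can see) and once from its installed-package inventory (what a credentialed scan can read after logging in). All host data, CVE identifiers, product names and version numbers are constructed placeholders, and the version comparison is deliberately simplified; real scanners apply the distribution's own ordering rules.

```python
import re

# Added example (not from the original article): a toy comparison of what a
# non-credentialed scan can infer from service banners versus what a
# credentialed scan can read from the installed-package inventory.
# All host data, CVE identifiers and version numbers are constructed
# placeholders, and version comparison is deliberately simplified.

# Constructed advisory table. For each issue we record the upstream version
# that fixed it and the distribution package version carrying the backport.
ADVISORIES = [
    # (cve, product, fixed_upstream_version, fixed_distro_package_version)
    ("CVE-0000-0001", "openssh", "9.8", "1:9.6-3"),
    ("CVE-0000-0002", "sudo", "1.9.15", "1.9.13-2"),
]


def version_key(v):
    """Simplified version ordering: compare the numeric fields left to right.
    Good enough for the constructed data here; real scanners use the
    distribution's own comparison rules (dpkg/rpm epoch, release, etc.)."""
    return tuple(int(x) for x in re.findall(r"\d+", v))


def non_credentialed_findings(banners):
    """Outside-in view: only network-reachable services expose a banner, and
    the only version information available is the upstream number the banner
    advertises. A package with a backported fix still advertises the old
    upstream version, so it gets flagged; local-only software is invisible."""
    found = set()
    for cve, product, fixed_upstream, _ in ADVISORIES:
        banner = banners.get(product)
        if banner is not None and version_key(banner) < version_key(fixed_upstream):
            found.add(cve)
    return found


def credentialed_findings(packages):
    """Trusted-user view: after logging in the scanner can read the installed
    package versions (think `dpkg -l` / `rpm -qa`) and compare them against
    the distribution package version that carries the fix."""
    found = set()
    for cve, product, _, fixed_pkg in ADVISORIES:
        installed = packages.get(product)
        if installed is not None and version_key(installed) < version_key(fixed_pkg):
            found.add(cve)
    return found


def compare_views(banners, packages):
    """Return both result sets plus the disagreements between them."""
    outside = non_credentialed_findings(banners)
    inside = credentialed_findings(packages)
    return {
        "non_credentialed": outside,
        "credentialed": inside,
        # flagged from outside but actually fixed (backport): false positive
        "false_positives": outside - inside,
        # only visible with credentials (local-only or config-dependent)
        "missed_from_outside": inside - outside,
    }


# Constructed host: sshd is reachable and advertises upstream 9.6, but the
# installed package 1:9.6-3 already carries the backported fix. sudo is
# local-only (no banner) and is one release behind the fixed package.
HOST_BANNERS = {"openssh": "9.6"}
HOST_PACKAGES = {"openssh": "1:9.6-3", "sudo": "1.9.13-1"}

if __name__ == "__main__":
    for view, cves in compare_views(HOST_BANNERS, HOST_PACKAGES).items():
        print(f"{view:>20}: {sorted(cves) or '-'}")
```

On the constructed host the banner-only view reports one finding that is actually fixed (the backported openssh package) and says nothing about sudo, which has no network footprint; the credentialed view gets both right. That is the mechanism behind the "incomplete picture" claim above, and it is why credentialed results are the ones to trust when prioritizing remediation.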
Here are some other ways that scans may be categorized, based on use case.