Scan Now

Clicking 'Scan Now' allows configuring and starting Nessus security scanning of the selected VM hosted in a Private region.

Choose server - Only the Internal server is currently available. The Nessus scanner is hosted in EPAM Private Cloud.

Nessus policy - Select the Nessus policy with which the VM will be scanned. A Nessus policy is a set of rules against which the VM is scanned.

You can select one of the following Nessus policies:

| Policy Name | Policy Description | Scan Type |
|---|---|---|
| EPM-Srv-noWebApp-noCreds (Default) | The policy is configured for servers that do not host web applications. The operating system and databases are checked. Web application and networking equipment scanning is not included. No authorization is needed. | Black Box |
| EPM-Wrk-noCreds | The policy is configured for workstation scanning. Database, networking equipment, and web application scanning is not included. Accounts are not used for scanning. | Black Box |
| EPM-Wrk-Creds | The policy is configured for workstation scanning. Database, networking equipment, and web application scanning is not included. A local administrator account is used for scanning. Authorization allows detecting more issues on the target VM. | White Box |
| EPM-Srv-WebApp-noCreds | The policy is configured for checking web application servers. Operating system, database, and web application checks are included. Networking equipment is not scanned. The procedure takes more time than the one where web applications are not scanned. No accounts are used for scanning. | Black Box |
| EPM-Srv-WebApp-Clickjacking | The policy is configured for checking web application servers and provides quick urgent scanning of web applications for the Clickjacking vulnerability only, with maximum page count and crawl depth. No authorization is needed for this type of scan. | Black Box |
| EPM-FULL-Creds_ANY_ | The scanning is performed without any limitations or optimization measures. All elements are scanned. All accounts that have ever been created since the VM run are used during the procedure. The whole procedure can take significant time. | White Box |
| EPM-Discovery | The policy is configured to perform quick scanning of any network range in order to detect new assets and unauthorized devices. The scanning allows creating the network map. Vulnerability checks are not performed. | Black Box |

*If you plan to perform scanning using credentials, please contact the Security Team and provide the credentials to be used. This procedure should be performed once for each VM you want to scan manually.

As soon as you click the 'Scan Now' button, Orchestrator initiates Nessus scanning of the selected VM according to the specified parameters.

By default, security scanning is performed for the VM selected from the list. However, you can choose a different VM directly from the Wizard. Click 'Back' to move to the 'Manage VM options' window, where you can select a different project, region, or instance, as well as a different management option for your VM.

There are also a number of policies that need authentication for scanning. If you want your VM to be scanned with these policies, please submit a request to the Security Team.

| Policy Name | Policy Description | Scan Type |
|---|---|---|
| EPM-Srv-noWebApp-Creds | The policy is configured for servers that do not host web applications. The operating system and databases are checked. Web application and networking equipment scanning is not included. Different accounts are used for scanning. | White Box |
| EPM-Windows-Torrents | The policy is configured for quick scanning of Windows workstations and servers for torrents and P2P applications. No other vulnerabilities will be detected. Authorization is needed. | White Box |
| EPM-Srv-WebApp-Creds | The policy is configured for checking web application servers. Operating system, database, and web application checks are included. Networking equipment is not scanned. The procedure takes more time than the one where web applications are not scanned. Different accounts can be used for scanning. | White Box |
| EPM-Lan-Creds | The policy is configured for checking networking equipment. Operating systems, databases, and web applications are not scanned. Different accounts are used for scanning. | White Box |
| EPM_bitlocker | The policy is configured to check whether Windows servers and workstations have encryption enabled. Scanning can detect the encrypted disks and the TPM module. No other vulnerability checks are included. Scanning needs authorization. | White Box |