Purpose

This document provides an overview of a blueprint and how it can be downloaded.

Introduction

Blueprint is an encrypted collection of logs and metadata about the scanned assets. It is used for investigations performed by the Outpost24 technical service team.

A few use cases where the logs are necessary are:

  • Examination of the accuracy of the reports.
  • Potential false positives.
  • Adding detection for new software components and vulnerabilities.


Note

The option to download blueprint is available on appliances only.

Download a Blueprint

HIABs

  1. Go to Main Menu > Scan Scheduling and select the Scan History tab.
  2. Right click on status of scan where Target Done is displayed. 
  3. Click on Download Blueprint.
    Download Blueprint
  4. If the scan was performed on a local scanner, a file download is displayed to save a blueprint file, as soon as system successfully generates the blueprint. 

  5. If the scan was performed by another scanner in a distributed setup, a message box is displayed stating that download has been started and the column Download State will display Downloading. As soon as the download state changes to Downloaded, right click on the entry and click Download Blueprint again to download the generated blueprint.

    Note

    Refresh the grid to check the updated status.

Scale

  1. Go to Scans, and click on a Scan ID to view the Status.

    Download Blueprint
  2. Click on the Download Blueprint button to schedule a blueprint.

    Note

    The button is only displayed if the blueprint is available.

  3. The generated blueprints are available under the All Downloads icon in the right corner of the toolbar.
  4. To download a blueprint, click the All Downloads icon.


    All Downloads
  5. Select the blueprint from the list and click the Download icon.

The Content of a Blueprint

Blueprint contains information about a specific scan on a target. It contains data about checks performed, requests/responses and information about the health of the scan.

Warning

The blueprints contain sensitive data like usernames, passwords, detected vulnerabilities, service banners, system registry keys, etc. The blueprints are PGP encrypted for secure transmission and only Outpost24 Support team can decrypt them.


The below table lists some of the logs included in the blueprint package:

LogDescription

scan log

Scan execution flow log.

scan settings

Scan policy settings of the executed scan.

scan schema database

Credentials used for the authenticated scan and commands executed on the target along with their output.
scan module logsLogs from the execution of the different scan stages like port scanner, service identifier, registry key enumerator and bruteforcer.




Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.