- Does the customer have an active subscription for the product?
- If HIAB, does the appliance have all the recent packages and updates?
No vulnerabilities found for product X
- Was the product detected as a component?
- Was the version detected?
Scanner - scheduler connectivity errors
- Is the scheduler and scanner in the same subnet?
- Can the scanner ping the scheduler?
- Does the scanner have the same software version as the scheduler?
WEB APPLICATION SCANNING
No vulnerabilities found on URL X
- Is the list of seed URLs correct?
- Are the seed URLs reachable from Outpost24 IP range?
- Was the scan ran with both active and passive testing?
curl + the URL of the website
|Authentication doesn't seem to work
- Does the login URL in the script establish the authenticated state (and is not just the page with the login form)?
|Cookie missing flag not reported (Secure or HttpOnly)
- Is the cookie missing the flag when visiting the website in the web browser?
- Go to the website in your web browser and inspect which flags are set on the cookie.
- Run a scan from SWAT to see if it's detected there.
|CSRF not reported
SSH Authentication error
Failed: Couldn't connect
Failed to init connection
- Are all KEX, MAC and ciphers presented by the target supported by the embedded libssh version?
The appliance doesn't update
- Is the time correct on the appliance?
- Is there any space left on the disk?
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.