How To Create an Internal Unauthenticated Vulnerability Scan
Learn how to conduct internal unauthenticated vulnerability scans to identify potential security weaknesses within your organization's network.
Written by Liam Downward
Updated at May 21st, 2025
- User Manual
- Self Onboarding Guide
- Agents
- The Cyber Risk Assessment Process
- PSA Integrations
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- API Documents
- CYRISMA Change Log
- Support Ticket SLA
- Billing Questions
-
Navigate to Schedule a Scan:
- Go to Vulnerability Scan > Schedule a Scan > Create.
-
Name the Scan:
- Enter a descriptive name for your scan, such as "VS_INT_UnAuth_1".
-
Select Scan Type:
- Choose the "Internal - Unauthenticated" option.
-
Choose Agent:
- Select the desired agent for the scan. Typically, it is recommended to run this from a server.
To ensure full scan coverage and accurate vulnerability results, Internal Authenticated Vulnerability Scans require selecting an Agent Group.
The Agent Group enables each agent to use local machine credentials to scan its own system.
This setup ensures that vulnerabilities are properly detected on each target machine.
If no Agent Group is selected, the scan may run without the necessary credentials—resulting in incomplete or missing findings.
-
Enter Internal IP:
- Input the internal IP address in the designated field, using the appropriate subnet (e.g.,
/24). To find your private IP, open a command prompt and typeipconfig.
- Input the internal IP address in the designated field, using the appropriate subnet (e.g.,
-
Schedule the Scan:
- Choose when you would like the scan to run and select the option to Notify When Complete.
-
Submit the Scan:
- Once all settings are configured, click Submit to finalize and schedule the scan.
By following these steps, you can efficiently set up an internal unauthenticated vulnerability scan to assess your network's security posture.