Schedule a Vulnerability Scan
Learn how to schedule a vulnerability scan to identify and address security weaknesses in your system or network.
Written by Liam Downward
Updated at April 3rd, 2025
- User Manual
- Agents
- The Cyber Risk Assessment Process
- API Documents
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- CYRISMA Change Log
- Support Ticket SLA
- Onboarding Framework
- PSA Integrations
- Billing Questions
- Self Onboarding Guide
Table of Contents
1. Start New Scan
In the Schedule a scan section, you can configure the key settings for a new vulnerability scan:
Select a Scan Type: Choose the type of scan from the dropdown. Options include:
- Internal Authenticated: Scans internal network targets with authentication.
- Internal Unauthenticated: Scans internal network targets without authentication.
- External - IP Addresses: Scans specified IP addresses from an external perspective.
- External - Web Application URLs: Scans web applications for vulnerabilities by URL.
- Chromebook Scan: Scans Chromebook devices in your environment.
Assign a Scan Name: Provide a unique, descriptive name to help identify the scan in reports and schedules.
Credentials: Choose the type of credentials to use:
- Default: Uses the credentials assigned during agent setup.
- Alternative: Allows you to enter alternate credentials. Include the NetBIOS domain name if applicable.
Notify When Complete: Optionally, select a user to receive a notification when the scan is completed.
Schedule: Choose when the scan should run:
- Now: Starts the scan immediately when the agent is available.
- One Time: Schedules the scan for a specific date and time.
- Recurring: Sets up a repeating scan schedule, with options for time, frequency, and duration.
Input Targets (if applicable):
- For External - Web Application URLs: Input up to 5 URLs.
- For External - IP Addresses and Internal Unauthenticated Scans: Enter IP addresses or select targets as necessary.
- For Chromebook Scan: Choose the target group or individual devices.
Once you have completed these fields, click Schedule Scan to initiate or schedule the scan.
2. Select Targets
For internal scans (authenticated or unauthenticated), you’ll need to specify targets:
Select Targets: Available targets are displayed with details such as IP Address, Vulnerability Profile, and Last Check-In date. Select each target individually.
Offline Delay Option: Configure a delay for offline targets, allowing flexibility for devices that may not be consistently connected. Options range from a 1-hour delay to 120 hours.
Reselect Agent: If necessary, select a different agent to match the target's network segment, ensuring accessibility for the scan.
3. Scheduled Vulnerability Scans
Below the Start New Scan section, you’ll find the Scheduled Vulnerability Scans table, listing all upcoming and scheduled scans. This table includes:
- Scan Name: The name assigned to each scan.
- Type: Specifies if the scan is recurring, one-time, or immediate.
- Scan Type: Indicates the type of vulnerability scan (e.g., Chromebook, Internal, External).
- Targets: Number of devices or URLs selected for the scan.
- Next Scan: Date and time for the next scheduled occurrence of the scan.
You can edit or delete scheduled scans using the icons next to each scan in the table.
Updating or Deleting an Existing Vulnerability Scan
To modify or remove a previously scheduled scan:
- Edit: Click the pencil icon next to a scan in the Scheduled Vulnerability Scans table. This opens the scan settings, allowing you to change the scan name, type, schedule, targets, or credentials.
- Delete: Click the trash icon to permanently delete a scheduled scan
