I've been trying to figure out why a recent authenticated vulnerability scan I ran is coming back with very minimal vulnerabilities. Authentication is successful on all endpoints, but there are barely any vulnerabilities detected, which I know is not the case, as there are many XP machines on the network.
The client isn't seeing any alerts on their end or any indication of security controls in place blocking the scanner, and the information gathered on the endpoints shows that all of the necessary ports are open.
I'm just wondering what else could be potentially causing problems with the scan (services that need to be enabled, dissolve-able agent issues, etc.)
Any help would be much appreciated!