Just trying to gauge how others are managing their authentication records. I'm currently giving our Qualys set up a revamp and looking to automate tasks as much as possible.
My discovery of a device, to eventual full authenticated scan is as follows:
Map Scan ---> Light touch vuln scan to obtain tags ---> Full authenticated scan targeting tags
The initiation of the light touch is manual and this is kicked off once map results have been reviewed, hosts approved, add to the sub and the light tough scan is then kicked off.
I have a number of authentication records for our various domains. At the moment I would need to add each new device IP to the authentication record prior to running the full authenticated scan. In an ideal world I would add the entire range to the subscription but due to licensing restrictions I can't do this.
How are others managing this? Is everyone adding new device IP's to the auth record manually?
Any guidance is much appreciated