We use cloud agents, but are told that we need to do an non authenticated scan as well to find remote exploits. However doing this produces an extra asset for each host scanned. We do not think that agentless tracking would help here because that would require an authenticated scan to check the HOSTID file.
Does anybody recognise this issue? Anything we can do to associate our remotely scanned assets with their cloud agents?