> ## Documentation Index
> Fetch the complete documentation index at: https://docs.levelblue.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Running Authenticated Asset Groups Scans

|                       |               |                  |             |             |
| --------------------- | ------------- | ---------------- | ----------- | ----------- |
| **Role Availability** | **Read-Only** | **Investigator** | **Analyst** | **Manager** |

An authenticated <Tooltip tip="An IP-addressable host, including but not limited to network devices, virtual servers, and physical servers.">asset</Tooltip> scan verifies scanned IPs within an Asset Group and detects vulnerabilities. <Tooltip tip="Log in (verb): Process in which an individual gains access to a computer system after providing sufficient credentials to authenticate their unique identity. Login (noun): User credentials, typically a username and matching password.">Log in</Tooltip> as administrator or <Tooltip tip="High-level user account with full administrative privileges.">root</Tooltip> to perform an <Tooltip tip="Authenticated scans are performed from inside the machine using a user account with appropriate privileges.">authenticated scan</Tooltip>. See [Managing Credentials in USM Anywhere](../vulnerability-assessment/credentials) for more information.

<Danger>
  **Warning:** Keep in mind that an authenticated scan may fail if the local mail exchanger, which applies to Linux <Tooltip tip="Reference to a computer on a network.">hosts</Tooltip>, is enabled in the target asset.
</Danger>

<table>
  <thead>
    <tr>
      <th>Operating System</th>
      <th>Method and Credentials</th>
      <th>Escalation</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td>Linux, BSD, Solaris, or macOS</td>
      <td><Tooltip tip="Program to securely log into another computer over a network, execute commands in a remote machine, and move files from one machine to another through Secure Copy (SCP).">SSH</Tooltip> password or <Tooltip tip="Cryptographic key that can be used by anyone to encrypt messages intended for a particular recipient, such that the encrypted messages can be deciphered only by using a second key that is known only to the recipient (the private key).">public key</Tooltip> <Tooltip tip="Process used to verify the identity of a user, user device, or other entity, usually through a username and password.">authentication</Tooltip></td>
      <td><Tooltip tip="A program for UNIX-like computer operating systems that allows users to run programs with the security privileges of another user, by default the superuser.">sudo</Tooltip> or su</td>
    </tr>

    <tr>
      <td>
        <p>Windows</p>
      </td>

      <td>Windows username and password through Windows Remote Management</td>
      <td>None</td>
    </tr>
  </tbody>
</table>

**Asset Scan Credentials and Escalation Options**

**To run an authenticated asset scan from Asset Groups**

1. Go to Environment > Asset Groups.

   * Next to the asset group name that you want to scan, click the <img src="https://mintcdn.com/levelblue-5324744e/T1hrc0hK0aza_DCc/images/central-any-app/buttons/chevron-down.svg?fit=max&auto=format&n=T1hrc0hK0aza_DCc&q=85&s=417e8bbfd7386ba83a4b629d5a935a80" style={{ height: "1em", verticalAlign: "middle", display: "inline-block", margin: "0 0.25em" }} width="20" height="20" data-path="images/central-any-app/buttons/chevron-down.svg" /> icon , select Full Details, and then click Actions > Authenticated Scan. or
   * Next to the asset group name that you want to scan, click the <img src="https://mintcdn.com/levelblue-5324744e/T1hrc0hK0aza_DCc/images/central-any-app/buttons/chevron-down.svg?fit=max&auto=format&n=T1hrc0hK0aza_DCc&q=85&s=417e8bbfd7386ba83a4b629d5a935a80" style={{ height: "1em", verticalAlign: "middle", display: "inline-block", margin: "0 0.25em" }} width="20" height="20" data-path="images/central-any-app/buttons/chevron-down.svg" /> icon and select Authenticated Scan to directly start the asset group scan. If the option is not enabled, you will need to add a credential. See [Managing Credentials in USM Anywhere](../vulnerability-assessment/credentials).

   <Warning>
     **Important:** Credentials assigned directly to an asset have higher priority than those assigned to an asset group.
   </Warning>

2. In the asset group details page, click **Scan History** in the table area to display the results of the scan.

   You can see the status of each scan and its details, which informs you if the scan has been successful or not. You can also click a line to expand the asset group row to check the individual asset results.

   Each asset group has a **Scan Details** link you can click to download a zip file containing the details of the recent scan. The link is only present for the most recent scan of each asset, and is available for one week after the scan has been run.

   Click **Scan Details** to download the zip file:

   * If you click Scan Details located in the asset group job row, the downloaded file will include one file per scanned asset.
   * If you click Scan Details located in the individual asset results, the downloaded file will include the information for just that asset.

   <Note>
     **Note:** You can see the vulnerabilities that the scan has found below the Vulnerabilities Events tab.
   </Note>