I am currently running a scheduled auth scan on our assets off hours (host live as we do get vulnerability results of that host). Even though, I have the correct auth profile set, the results yield Failed/Not Attempted. However, when I ran a test auth scan during work hours, the authentication was a success. Any reasons for these differences? I don't have an exact answer but some probable lines I could think of is:
- What happens if there are two different scanners trying to scan the same asset (one doing vuln scan & one doing auth/discovery scans)
- Network bandwidth?
Any other ideas?