As Practice Manager in Rapid7's Professional Services group, I spend a lot of time in the field talking with customers and, as one might expect, I get my fair share of questions. Most questions are mundane, some are unique, and some are common among many customers.
One question I get from many customers, and which was previously difficult to answer, usually starts like this: "I love the fact I can do authenticated scans to determine the true vulnerability of my assets, but I would like to know when the credentials I provided are not valid...". The driver behind this request is the need to identify unapproved or rogue devices on one's network. Many refer to these devices, where standard credentials are not valid, as "unmanaged assets", and extracting them from Nexpose was previously a challenge.
Today, however, our new reporting engine and accompanying data model make extracting and reporting this data a simple task. The accompanying "Unauthenticated Assets" report provides the data needed to identify the unmanaged devices in your environment.
Here is a sample report that gives you an idea of how it looks:
The report template is attached below. Download it and upload it to your Nexpose console on the "Reports->Manage Report Templates" tab, and you should be ready to go!