creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
757f1c8eae4e288d20f7dfde7f7a42a4d30cffc7
Anthropic-Cybersecurity-Skills/skills/performing-authenticated-vulnerability-scan/references/workflows.md
T

3.3 KiB
Raw Blame History

Workflows - Authenticated Vulnerability Scanning

Workflow 1: Credential Preparation and Validation

┌──────────────────┐     ┌──────────────────┐     ┌──────────────────┐
│ Create Service   │────>│ Configure Least  │────>│ Test Credentials │
│ Accounts         │     │ Privilege Access  │     │ on Sample Hosts  │
└──────────────────┘     └──────────────────┘     └──────────────────┘
                                                          │
        ┌────────────────────────────────────────────────┘
        v
┌──────────────────┐     ┌──────────────────┐     ┌──────────────────┐
│ Store in Secrets │────>│ Configure Scanner│────>│ Validate Auth    │
│ Vault            │     │ Credentials      │     │ Success Rate     │
└──────────────────┘     └──────────────────┘     └──────────────────┘

Workflow 2: Authenticated Scan Execution

  1. Pre-scan: Verify credentials, check network connectivity, confirm scan window
  2. Discovery: Host enumeration to identify live targets
  3. Authentication: Scanner authenticates to each target host
  4. Local Enumeration: Query installed packages, patches, configurations
  5. Vulnerability Assessment: Match local data against vulnerability database
  6. Report Generation: Compile findings with credential success metrics
  7. Post-scan: Verify no service disruption, archive results

Workflow 3: Credential Success Monitoring

Scan Completion
    │
    ├──> Check Plugin 117887 (Local Security Checks)
    │        │
    │        ├──> SUCCESS: Proceed to analyze findings
    │        └──> FAILURE: Investigate cause
    │                 │
    │                 ├──> Network connectivity issue
    │                 ├──> Credential expired or changed
    │                 ├──> Firewall blocking management ports
    │                 ├──> Account locked out
    │                 └──> Insufficient privileges
    │
    └──> Calculate Credential Success Rate
             │
             ├──> Target: >95% authenticated hosts
             ├──> Alert if <90% success rate
             └──> Document exceptions for failed hosts

Workflow 4: Credential Lifecycle Management

Phase Action Frequency
Provisioning Create accounts with least privilege One-time
Distribution Deploy keys/passwords to scanner One-time
Validation Test connectivity before scans Per scan
Rotation Change passwords, rotate keys 90 days
Monitoring Audit login events in SIEM Continuous
Deprovisioning Remove accounts when scanner retired As needed
Reference in New Issue View Git Blame Copy Permalink