Skip to main content
Version: 3.24

Introduction

In this chapter, we will cover the features of Scan & Discovery from configuring Discovery and creating glossaries to viewing Scans results and auditing the module.

About the module

senhasegura, through its PAM Core module, allows centralized and secure management of various devices and credentials. To have this management, the devices and credentials must be registered in the vault, in principle.

Within an organizational environment, where there are several devices and their respective credentials, it can be difficult to register the entire park in the vault one by one, manually. It may be even more difficult to keep these records up to date with any changes that may occur in the organization's IT environment.

It was thinking about these situations that senhasegura created the Scan & Discovery module. The purpose of this module is to check the network to find connected devices and their credentials, such as passwords and SSH keys.

Scan & Discovery can connect to devices on the network using its standard protocols (SSH / TELNET, RDP) without the need to install a local agent. It collects the hostname, IP address, credentials list, privilege type, and user registration information, such as last access date and password change.

senhasegura Scan & Discovery is concurrent by default. This means that, no matter how many discoveries are registered, they will be executed in a concurrent manner depending on how many services instances are allocated to this execution, and each service thread can execute one discovery each.

Also, senhasegura discoveries support multi-ports. In the plugin tab (mentioned below), you can define multiple ports for each type of plugin.

Besides, it is possible to perform the automatic import of the objects found based on predefined glossaries, and even to monitor the unauthorized or suspicious accesses (performed outside the vault) on the network.

Among the devices that can be found by Scan & Discovery are:

  • Servers (Linux / Unix, Windows and VMWare)

  • Databases (Oracle, SQL, MySQL, PostgreSQL)

  • Network devices (Firewall, Routers, Switches, Balancers)

  • Work stations.

It is also possible to automatically identify privileged accounts in the following environments:

  • Unix

  • Linux

  • Windows, on local machines or in Active Directory

  • Oracle

  • MS SQL

  • MySQL

  • PostgreSQL

DevOps

It is important to mention that in addition to verifying devices and credentials, it is also possible to verify DevOps platforms such as:

  • Dockers: Containers;

  • Ansible: Playbooks and Roles;

  • Jenkins: Jobs, Nodes and Users;

  • Kubernetes: Secrets;