Emerging Threat Scans explained

Everything you need to know about ETS

Naomi Purvis avatar
Written by Naomi Purvis
Updated over a week ago

How do they work?

As soon as we identify a new vulnerability that could critically affect your systems, we'll automatically kick-off a scan on all your external targets (license permitting). Please note, you cannot initiate them manually.

Can I see all the ETS that have run?

Yes; just head to Scans > Emerging Threats

Where can I find more details about each ETS?

If you're on the page shown in the screenshot above, just click the one you're interested in and you'll be taken to the scan's detail page, where you'll see a whole host of details, including the targets scanned; the check published date; scan start date (and time!) scan completed date (and time!) as well as details about the check itself (CVSS rating and CVE).

You also have the option to filter your targets by Failed, Passed, Active, Unresponsive and License exceeded (which tells you which ones weren't scanned).
โ€‹


Why don't failed checks show on my issues page immediately?

Emerging Threat Scans are run as soon as the check becomes available, before the team has even mapped the CVE to an issue title, written the description or curated the remediation advice. We do this to ensure the fastest response time possible.

Once that first ETS has run, we add it to the list of default checks, so if the issue is found on a subsequent scan, you'll see it show up on the issues page, along with all the extra details you're after.

To rescan your targets once you've fixed any failures, use the Scan now functionality to kick off a new scan.

Do Emerging Threat Scans consume licenses?

Yes, they do. An Emerging Threat Scan will run on as many targets as you have licenses; so you have five unscanned targets and five licenses available, then all of those licenses will be assigned and consumed as soon as the ETS runs.
โ€‹

If any of your targets are already consuming licenses, then the 30 day license period will be reset in line with the ETS start date/time. And if any of your targets are in need of a license, we'll flag that too.

Can I disable them?

Yes, of course. To do that, head to Settings > Scans, hit the cog icon and toggle Emerging Threat Scans to off.


FAQs

What vulnerability rating qualifies for an ETS?

Any new external vulnerability rated a Medium, High or Critical will qualify for an ETS.

How does the scanner know when an ETS is applicable for a specific target?

There are some plugins that have a dependency check which informs the scanner whether the plugin will be relevant or not. Wordpress, js library and web-app checks are all great examples of where a dependency check will determine whether the scan needs to run or not.


Note: Emerging Threat Scan features are only available for customers on our Pro, Premium and Vanguard plans.

Note: Premium users receive priority ETS

Did this answer your question?