zuessh

Posts posted by zuessh

  1. Just a simple vulnerability assessment/scan to determine software levels, vulnerable software installations, users, misconfigurations, etc., using basic/standard scan policies from any vulnerability software (OpenVAS, Nexpose, Nessus, etc.).

    In most cases I have come up against, the vulnerability scanning tools need credentials so they can authenticate to a machine to perform the necessary enumeration of users, user configurations, software installed, services, etc.

    The challenge is not everyone has a domain structure where a domain user can be added that would have rights, or a tool (group policy) to make sure there are standard configs in an environment.

    I was 'hoping' someone has already had this experience and perhaps has a better solution than what I have come up with so far - going to each machine and configuring it as necessary...

  2. I am hoping to get feedback/advice/thoughts on handling the following situations during a vulnerability assessment:

    • Site consists of ~15 Windows PCs with no domain controller and uses local logins
    • PC configs are not all the same (local firewall enabled, remote registry, etc.) and there is no mechanism for standardizing the configs

    So, aside from the obvious issues above, when you are performing a vulnerability assessment and need to authenticate to every machine, do you go to each machine and create a local account for each machine, and do you have to go to every machine and verify configs so the vulnerability tools can perform as needed?

    Seems there has to be a better solution...

    Thanks in advance.
