How to initiate a force manual scan of a single asset from asset? after fixing the vulnerabilities on the asset

How to initiate a scan of a single asset? after fixing the vulnerabilities on the asset.
Like in Qualys changing a registry value in an asset will initiate a scan.

1 Like

Hi @pradeep_gandavarapu !

There are multiple ways:

  1. You can install the agent on the asset and it will do a check every 6h.

  2. You can use Remediation Projects to scope and track what vulnerabilities you are currently working on and make use of the Validation Scan (New InsightVM Features: Optimizing the Remediation Process)

  3. Or start a manual scan from the site overview page or the site details page and only enter the IP of the asset you want to scan (Running a manual scan | InsightVM Documentation)


Thanks for the answers. I was wondering if there is a way to scan an asset with the agent without waiting 6h.
Can not start manual scan for the site with agents installed on the assets.

Thank you,

There is no way to manipulate the the assessment interval of the agent manually and/or individually. This is a global value for all agents. However, you can still manually scan the asset with a site scan in the way that @philipp_behmer had suggested in option 3.

Honestly though, option 3 is going to be your best bet if you’re looking for immediate results and verification that the vulnerability indeed is no longer present. So to do this you can’t just have the asset with an agent on it. It needs to exist within a separate site as well. So you will need a site with that asset defined within it. Once it’s defined within a site you can go to that assets page and click scan now. This will start a scan on ONLY that asset within whatever site it belongs in. If you do not have the “Scan Now” option then that means it only exists within the “Rapid7 Insight Agents” site.

Now another thing to consider is the scanning template you are using to scan with. If this asset has an Insight Agent on it and the vulnerability you are trying to verify would normally be checked by the agent you want to make sure you’re using a scan template that DOES NOT have the “Skip checks performed by the insight agent” selected. This option is found in the “Vulnerability Checks” tab within the scan template.