Hi folks,
This is my first post, I’m getting a log of my servers (all with the InsightVM Agent installed) flagging in my Siem, The attempts are being made to authenticate using several accounts, PCGuest, admin and Guest.
These look pretty common; From what I was told in the past the scan template uses these familiar or most commonly used accounts to make sure they ARENT being used on systems.
Is there a way to find out a list of devices where guest login was successful from these scans?