We made the following changes to improve scan visibility and performance.
With AGMS enabled, all asset validation checks happen at the time the scan is launched and not when scan results are viewed. This is because a scan result represents a point in time and is considered immutable or unable to change. If you were able to launch the scan then you should have access to the scan result, even if your asset assignment changes after the scan is launched. For example, if you launch a scan on 100 IP addresses you’ll see scan results data for all 100 IPs even if 10 of those IPs are later removed from your assigned assets. The next time you launch or schedule a scan only the 90 remaining IPs will be available.
With AGMS enabled, users can view and take action (download, cancel, delete) on their own scans and scans launched by their sub-users. Sub-users will no longer be able to view scans launched by their Managers even on assigned assets.
Permissions are as follows:
- Managers can view and take action on their own scans, scans launched by other Managers, and scans launched by all sub-users in the subscription.
- Unit Managers can view and take action on their own scans, scans launched by other Unit Managers in the same business unit, and scans launched by sub-users in the same business unit.
- Scanners can view and take action on their own scans only. They won’t see scans launched by other users.