Running Your First Scan
Running Your First Scan
Once an asset is validated and active, you can either wait for the next scheduled scan or trigger one manually.
Manual Scan
- Navigate to the asset you want to scan.
- Click the Scan Now button.
- FortWatch will queue a full scan (both Nuclei vulnerability scan and Nmap port scan).
What Happens During a Scan
A full scan consists of two parallel processes:
Nuclei Vulnerability Scan
Nuclei performs two passes on each asset:
- Vulnerability scan — Checks for known CVEs, exposed panels, default credentials, and application-specific vulnerabilities.
- Hardening checks — Evaluates security headers, SSL/TLS configuration, and web server hardening (Nginx, Apache settings).
Nmap Port and Service Scan
Nmap scans the top 1,000 most common ports and reports:
- Open ports and their state
- Running services (HTTP, SSH, FTP, etc.)
- Service version detection
- Operating system fingerprinting
Scan Statuses
Each scan moves through these statuses:
- Pending — The scan is queued and waiting to start.
- Running — The scan is actively in progress.
- Done — The scan completed successfully. Results are available.
- Failed — The scan encountered an error. This can happen if the asset became unreachable during the scan.
Viewing Results
After a scan completes, navigate to the asset or scan details page to see:
- A summary of findings grouped by severity (Critical, High, Medium, Low)
- Individual finding details with descriptions and remediation guidance
- Port scan results showing open ports and detected services
- Any new issues that were automatically created from critical or high-severity findings