Arctic Wolf Agent Scans
Updated Jul 31, 2023Overview
Arctic Wolf® Agent uses Arctic Wolf Risk Scan Engine (formerly Joval) to run these types of scans:
- Benchmark scans — These scans report when software or configuration best practices are not followed.
- Vulnerability scans — These scans report exploitable vulnerabilities.
Note: If you encounter any issues with benchmark or vulnerability scans, contact your Concierge Security® Team.
Agent scan details
| Scan type | Scan operation | Scan run time | Scan performance |
|---|---|---|---|
| Benchmark | Agent runs scans using Center for Internet Security (CIS) Benchmarks. | Benchmark scans complete within a few minutes. | While active, benchmark scans typically use about 30% of a 2.5 GHz single-core CPU, and 1 GB of memory. Note: During highly intensive activities, you may see up to 100% of CPU utilization. |
| Vulnerability | Agent runs scans using Open Vulnerability and Assessment Language (OVAL) vulnerability definitions. | Vulnerability scans complete within 10 minutes. | While active, vulnerability scans typically use about 30% of a 2.5 GHz single-core CPU, and 1 GB of memory. Note: During highly intensive activities, you may see up to 100% of CPU utilization. |