2026-07-04: Change related to standard network scans
What's changing?
On Wednesday, 8 July 2026, we're enabling default credential checking in the standard network scan configuration. This check was previously bundled under the "Skip password brute forcing" flag (enabled by default), even though checking for known default credentials is not the same as password brute forcing. We're now separating the two, so default credential checking runs by default independently of that flag.
This change applies to the following network scan profiles.
- Network scan - Standard (recommended)
- Network scan - Aggressive
- Network scan - Extended
- Network scan - Fast
- Network scan - Full
- Network scan - Intense
- Network scan - PCI DSS Compliance (ASV)
- Network scan - Precision
- Network scan - Ransomware & exploits
- Network scan - SCADA-OT
- Network scan - Scale
- Network scan - Sensitive
How this affects you
You may see a slight increase in reported vulnerabilities if any known default credentials are found on your scanned assets.
What you need to do
No action is required. Default credential checking will be enabled by default in standard scan configuration starting July 8, and any findings will appear in your regular scans.