Sequential (recommended for most use cases):
A sequential scan is used to systematically work through a list of customer-provided targets (a scope) and provide a map of the discovered environment. This approach scans each discovered device using the credentials provided in the scan job configuration (keychains).
It returns accurate information about the target systems and the applications like Web Servers, Application Servers, and Database Servers running on them.
Application:
An application scan is used to identify and map all the components in an application when only a single entry point is known. This approach uses credentials to connect to a single server (seed) and by identifying the network communications of key applications (databases, web servers, etc.) running on the server, automatically expands the discovery scope to other servers.
Neighborhood:
A neighborhood scan is used to identify and map all servers that are communicating with a single server. Similar to an application scan, this approach uses credentials to connect to a single server (seed) and automatically expands the discovery to other servers in the environment, based on all the network communications of the seed server.
Credential-less:
A Credential-less discovery scans the IP addresses or hostnames in a network without using any credentials to access these targets. The process identifies live devices in the network and, where possible, attempts to identify their operating systems. It generates a list of responding targets but does not create a model of the environment.
Note: Using Application or Neighborhood discovery can result in significant growth in the discovery due to the way this approach traverses network connections. It is highly recommended to use the "Boundaries" component of a scan job to ensure scanning does not traverse outside the desired network.