How They Collect Data
agent vs scanner
Cloud Agentassesses from within
Scannerprobes across the network
Vantage point
On the host, from within
Across the network, from outside the host
Sees
Open ports, running services, installed software and exact versions, missing patches, OS and application configuration, local compliance posture, and supported vulnerabilities
Open ports, listening services, SSL/TLS configuration, and the network-facing attack surface. Reaches anything routable, including devices that can't run an agent
Misses
The network view - how the host is reachable from outside, and remote-only detections such as SSL/TLS issues that need a live handshake to confirm
Deep host detail without credentials (unauthenticated sees only the surface; authenticated closes most of the gap), anything offline at scan time, and any unreachable host
Output
Continuous, near real-time
Point-in-time snapshot