An internal scan runs from an Alert Logic® appliance in your environment. When you define a scan, you can specify credentials to use with the internal scan. If you provide credentials, Alert Logic Threat Manager™ can log on to each host on your network and collect information about the host while it performs comprehensive vulnerability checks, including registry setting evaluation. If you do not provide credentials, Threat Manager scans your network without logging on to each host and performs as many checks as possible.
An external scan runs from the Alert Logic data centers against your environment. This type of scan simulates attacks from outside your network and identifies potential issues from these attack types.
For more information about the types of supported scans and scanning best practices, see Scans.