Test behind your login page
If your web application has a page that requires authentication (login and password), the security scanners will need to authenticate before analyzing the pages that lie beyond. Gauntlet offers more than one way to allow scanners to authenticate to your web application.
In your Scan Profile, just go to the "Authentication" tab and select the authentication method that is related to your application. Gauntlet relays such configuration to scanners, so it depend on them to implement the authentication.
On the other hand, we also offer a "Script Authentication" that lets you write an Arbitrary Function, retrieve the Header or Cookie containing the Session ID and either relay to the scanners or use Gauntlet Proxy - an intercepting proxy - to add the Header/Cookie to all requests even if the scanner doesn't support it by default.
Scanners should be able to verify if they are still logged in and also be able to identify the logout link to don't "click" on it, thus there is a few configurations that should be set up.