Hello,
I was wondering if anyone could provide some expertise on Nexpose scanning.
We are finding that a number of 3rd party ands apps and Microsoft store apps are not being found in our vulnerability scans.
We are using authenticated scans and also have agents installed on every endpoint that can have one.
I have checked our scan template and gone to the “Vulnerability Checks” tab & then the “by category” option.
We have all 299 apps enabled.
But for some reason we are not getting vulnerabilities on apps such as cisco any connect, Fortinet, Foxit just to name a few.
We have manually proved we have outdated versions with vulnerabilities just to make sure before creating this post.
We also do not get any reporting on apps from the Microsoft store.
Any assistance would be greatly appreciated.
I recommend submitting a support case for these false negatives, it does look like the three examples provided all should be on the coverage list: Recurring vulnerability coverage | InsightVM Documentation
Thanks,
-Landon