This is a request from one of my TAM customers that I need help answering:
"We’re attempting to utilize the custom vulnerability check feature as a means of double checking the validity of scan results we’re importing to other tools. We’re looking to make a vulnerability check that would appear on 100% of our scans so that we know that if the finding exists then the scan data we’re importing is legitimate and complete.
From the documentation I’m finding on this page I’m having trouble writing a check that would appear on all scans. Is there any more detailed documentation for this feature and all of the different types of vulnerability checks that can be created (the documentation reviews network service checks, Windows registry keys, file versions, operating system version, etc., but are the additional types not covered on this page?)? If there’s a check we could write to resolve to vulnerable if there are any open/closed ports then that would be great. If your engineers have any ideas then that would be great as well."