Hi,
We are using scan-assistant to improve the quality of our scan however for some critical servers we would like to verify that the RPM being used is the version supplied by Rapid7 using a digital signature signed by R7. We can achieve a similar outcome using a SHA checksum but this isn’t the same. Are there any scan-assistant RPMs signed that I can download?
Also, is there a way for the scan-assistant to not run as the root user?
Thanks.
Al.