Does anyone know how Rapid7 determines what software it will display on the “Installed Software” page of an asset with in the InsightVm local console? Is it just the ones they have vulnerabilities for or is it a separate database? Also wondering how does Rapid7 prioritize vulnerabilities for software that are not currently within IVM coverage database?
Thanks
Software Inventory is just that, whatever is natively installed any of the APT or YUM and Windows Installers and has Registry keys for.
It will display all of it, there does not have to be a VULN present for the Software to Show up in the list.
Vulnerabilities are prioritized on the CVSS ranking and age and a few other factors they have built into their Algebraic Formula, not prioritized by the Software.
If there is no IVM coverage then there is no VULNS so intern no prioritization. VULN vendors do not create checks for every CVE published, All Vendors are different in that regards.
I don’t think this is true as I have been unable to search for software such as SQL Server Management Studio, Visual Studio, or Microsoft .net core. I also opened a ticket to which I was informed that it does not fingerprint all software
How are you searching?
First off thanks for the reply. My apologies though it is Visual Studio Code that doesnt show up. When I run a search like you did the only thing that comes up is Crystal Reposts Basic Runtime for Visual Studio. Scans are based on the agent. have tried credential scans too. Same with other apps that do not show up
I know that I’m late to the thread. As of today at least, when I search for Visual Studio Code it does identify the assets with VS Code installed.
Thanks for the reply. This could be my fault. Considering there are so many variants. I specifically have Microsoft Visual Studio Community 2022 (64-bit) - Current.
This does not show up as installed anywhere