Installed Software and Vulnerability Prioritization

Does anyone know how Rapid7 determines what software it will display on the “Installed Software” page of an asset with in the InsightVm local console? Is it just the ones they have vulnerabilities for or is it a separate database? Also wondering how does Rapid7 prioritize vulnerabilities for software that are not currently within IVM coverage database?

Thanks

Software Inventory is just that, whatever is natively installed any of the APT or YUM and Windows Installers and has Registry keys for.

It will display all of it, there does not have to be a VULN present for the Software to Show up in the list.

Vulnerabilities are prioritized on the CVSS ranking and age and a few other factors they have built into their Algebraic Formula, not prioritized by the Software.

If there is no IVM coverage then there is no VULNS so intern no prioritization. VULN vendors do not create checks for every CVE published, All Vendors are different in that regards.

I don’t think this is true as I have been unable to search for software such as SQL Server Management Studio, Visual Studio, or Microsoft .net core. I also opened a ticket to which I was informed that it does not fingerprint all software

How are you searching?

image

image

First off thanks for the reply. My apologies though it is Visual Studio Code that doesnt show up. When I run a search like you did the only thing that comes up is Crystal Reposts Basic Runtime for Visual Studio. Scans are based on the agent. have tried credential scans too. Same with other apps that do not show up