I’ve just started browsing vulnerabilities highlighted by Rapid7 in a customer’s Azure estate, but I’m a little baffled that some obvious, basic features don’t seem to exist.
Two immediately spring to mind. Firstly, there doesn’t seem to be a way to acknowledge or remove a supposed vulnerability. For example one of the Azure hosts has been identified as having a CUPS vulnerability. But it’s not even running CUPS, so I want to remove this from the list. I don’t seem to be able to do this.
Secondly: lack of basic information. Another host is identified as having the “World writable files exist” vulnerability. But there’s no clue has to which files are being referred to here. Is this information logged on the host? Or am I supposed to go looking for them myself?