Rapid7 - missing features?

I’ve just started browsing vulnerabilities highlighted by Rapid7 in a customer’s Azure estate, but I’m a little baffled that some obvious, basic features don’t seem to exist.

Two immediately spring to mind. Firstly, there doesn’t seem to be a way to acknowledge or remove a supposed vulnerability. For example one of the Azure hosts has been identified as having a CUPS vulnerability. But it’s not even running CUPS, so I want to remove this from the list. I don’t seem to be able to do this.

Secondly: lack of basic information. Another host is identified as having the “World writable files exist” vulnerability. But there’s no clue has to which files are being referred to here. Is this information logged on the host? Or am I supposed to go looking for them myself?

Any thoughts?

1 Like

If you go to the vulnerability section on an Asset and open it, you will see the “proof” for why R7 found this vulnerable. If you go to the vulnerability page, it will give you the “proof” for all the assets that have it.
If you have a “False Positive” you can put an exception in for that vulnerability on that asset to remove it from reporting.

1 Like