Report file as false positive

3/16/2023

Nexpose allows you to investigate vulnerable results as potential false positives directly from the Security Console. If your investigation shows that the result could be a false positive, you can report the findings to the Rapid7 Support team in a single mouse-click. By the time you’re ready to create your case in the Customer Portal, the Support team will already have the information they need to troubleshoot the issue.

What is a false positive?

A “false positive” is when Nexpose incorrectly determines that a target asset is vulnerable to a specific vulnerability check. False positives can appear due to an error in check logic or changes in the target software that the check is not designed to handle. You should report false positives to Rapid7 immediately if they appear in your results. This gives us the chance to fix the vulnerability check and make sure your assessment results are as accurate as possible.

How false positive investigations work

An investigation is a rescan of the affected asset that's limited to the vulnerability check in question. This rescan uses the Full Audit without Web Spider built-in scan template with enhanced logging enabled. If this rescan produces the same vulnerable result as before with all prerequisites satisfied, you can report the result as a potential false positive. The investigation tool sends false positive report packages to Rapid7 in XML format. Like regular scans, you can run investigations immediately or schedule them to run automatically at a later time.

False positive investigations are vulnerability finding-based. This means any investigation you submit for a vulnerable result includes all detected instances of that vulnerability on the asset (if more than one instance is found).

The design intent of the false positive investigation tool is to help you identify how your scanning configuration (which includes the presence and strength of credentials and the coverage of your scan template) could be producing inaccurate results and suggest changes to correct it. You must perform this due diligence before we allow you to report potential false positives to the Rapid7 Support team for further investigation.