Issue:
Elements Exposure Management vulnerability scans on Linux report false-positive detections for backported software. Is there a recommendation for scanning backported software?
Resolution:
For any host with backported software, we suggest performing an authenticated scan to get more accurate results. If the "Skip backported software" option is enabled in the vulnerability scan template, vulnerabilities of backported software are not reported in the scan result. For example, Ubuntu often backports security patches, so scanners may skip checks if they detect an Ubuntu OS and the "Skip backported software" option is enabled.
Skip backported software
Backporting takes selected parts of a newer version of the software and ports them to an older version of the same software. This is usually done as part of maintenance to patch security issues, and it is hard to detect in unauthenticated scans, which may therefore report a number of false positives. To get more accurate results and to also check backported software, use authenticated scans. When this option is selected, the scanner attempts to detect backported software and does not report its vulnerabilities, to avoid false positives. More information on authenticated scans can be found from this link.