We use Nexpose in conjunction with LEM. Some of our scans are designed to check for and attempt to use ...\administrator on Windows devices. It appears nearly all of the "account login failure..." type rules are affected. I need to whitelist this activity by Source IP or whatever I can on the LEM for all of our Nexpose scan engines. Is it possible to just whitelist the scan engine IPs somewhere in LEM?
Thanks!
