When Thoropass finds that you have VMs, Containers, or Physical servers in-scope for an audit, we will suggest the Servers (VM, Container or Physical) review.
It is recommended that you consolidate user access to these types of systems here if possible.
User access for these tools typically is managed in most cases at the company level, such as in Active Directory/Entra or via a user management tool such as Okta. If that is the case, it makes VM, Container and Physical Server access very easy to document.
If you have special cases that need to be documented separately, such as a one-off server or container that is not managed in a similar way, you may add this server to your Vendors list and add it to your review at any time.