#5 is a bit outdated as the release of WebInspect 20.2 brings the option to use OpenSSL instead of Microsoft's Schannel. With this you are no longer required to ensure weak ciphers and protocols are enabled on the WI or sensor. Additional information is mentioned in the WebInspect user guide as well as this #FortifyUnplugged video.