Describe the bug
When selecting HTTP version 2.0, incoming client certificates must be ignored with Azure web app. As the notification under the HTTP version: "When selecting HTTP version 2.0, incoming client certificates must be ignored."
Preconditions
HTTP version 2.0 or lower can do mutual TLS.
To Reproduce
Activate HTTP Version 2.0, on settings, on the webapp. For each webapp, there will be a Trigger.
Expected behavior
Only trigger when using a compatible HTTP version with mutual TLS, https version: <2.0. When hovering on the blue notification on the settings tab, you get the warning: "When selecting HTTP version 2.0, incoming client certificates must be ignored."
@willemri In Elastic's native CSPM we support CIS Microsoft Azure Foundations Benchmark v2.0.0, and we follow the rules published and supported in the specific benchmark version. I am attaching the CIS benchmarks PDF for v2.0 for your reference, CIS_Microsoft_Azure_Foundations_Benchmark_v2.0.0 (1).pdf
When we think of the solution here, there are 2 possibilities:
In the case of the Elastic Security CSPM offering, you can achieve #1 today by going to Rules -> Benchmark Rules -> CIS Azure -> Disable specific rule, in this case the rule in the screenshot.
For #2, we are still in the research phase to allow customers to write custom benchmark rules. And this is not something we can support in the near term.
cc @romulets @oren-zohar