Detecting and Resolving Device Vulnerabilities

In this article, you will find:

  • A step-by-step guide detecting and resolving vulnerabilities using the device vulnerability management tool.

Note: You must have installed the agent on all required devices before any vulnerabilities can be detected or resolved.

Detecting Vulnerabilities

Once you have successfully installed the agent across all required devices, you may now begin scanning those devices for vulnerabilities.

Once the agent has been installed onto your devices, navigate to the Scan tab, and click the Scan Devices button.

Please allow up to 30 minutes for the scan to complete. Once the scan finishes, navigate to the Vulnerable Applications tab and click on Get Vulnerabilities, as shown in the example below. There will also be an additional button above this option to Export all listed vulnerabilities into a .csv file.

Note: The platform will automatically scan devices every two weeks, and populate the Vulnerable Applications list with any detected findings. Choosing to manually retrieve vulnerabilities will not impact this schedule.

Retrieving Device Vulnerabilities

The page will then update with a list of any vulnerable applications, along with the number of vulnerabilities and their average CVSS (Common Vulnerability Scoring System) score.

In the example below, seven vulnerabilities have been detected within Notepad++, with an average CVSS score of 5.00, resulting in an Moderate risk rating.

Example vulnerability scan result
Vulnerable Application example

Resolving Vulnerabilities

To resolve vulnerabilities, click on the Review option to see the details of the vulnerable application, including the number of unique vulnerabilities, impacted devices, and the average CVSS.

Vulnerable Application details
Reviewing Vulnerability Information

Note: If you have subscribed to the Vulnerability Management Add-on, you will have the option to automatically remediate the detected vulnerabilities using the Fix this for me button shown above.

There is an additional tab called Associated CVEs. This tab will provide a list of all the CVEs (Critical Vulnerabilities) that were identified, along with a link to learn the full details about each vulnerability, as shown below:

Associated CVEs page
Viewing Associated Critical Vulnerabilities

If you would prefer to resolve the issue manually, or you do not have the Vulnerability Management add-on, we provide remediation guidance in the Manual Steps area. If the issue has been completed manually, click on the Remediated button. This will open a short form, as shown below, were you can confirm that the vulnerability has been resolved.

Manual remediation
Manual Remediation confirmation
Manual remediation success
Successful remediation message

Viewing Vulnerability History

Select the History tab to view a list of previously vulnerable applications that have been successfully remediated, whether manually or through an automated process.

Navigation for accessing the History tab

This page displays a list of all resolved application vulnerabilities. Clicking the dropdown arrow on the far right of any entry will expand a quick overview showing the date and time the vulnerability was discovered, the number of vulnerabilities found, and the average CVSS score.

For a more in-depth look, click the Review button to open the details in the side panel.

Detailed description of the Device vulnerability

Within the side panel’s Vulnerability Information tab, you will find the following details regarding the remediated application:

  • Discovered: The date and time the vulnerability was first detected on this application.

  • Last Modified: The most recent date and time the vulnerability record was updated (such as when it was marked as remediated).

  • Vulnerabilities: The total number of vulnerabilities identified within this specific application.

  • Average CVSS: The Common Vulnerability Scoring System score, which represents the average severity of the risk.

  • Urgency: The categorised severity level of the risk (e.g., Low, Moderate, High, or Critical).

  • Vulnerable Devices: A list of the specific device names or IDs where this vulnerable application was installed.

  • Remediation Steps: Details regarding how the application was fixed. This provides context on the automated actions taken, or, if the fix had to be manual (as shown in the example), an explanation of why automation wasn’t possible and what steps were required.

Select the Associated CVEs tab to view the list of critical vulnerabilities identified for that specific application, as shown below:

Navigation for Associated CVEs