Setting up a vulnerability management remediation process

I’m waiting on the Automox integration from Crowdstrike Spotlight to handle this for me, I know its on the roadmap, but do we have any further news on when this might occur?

Hey @it_stuck,

Thanks so much for the comment. We’ve formally ended our partnership with CrowdStrike, however, we will be moving forward with a generic threat ingest. It will allow you to upload a vulnerability report, like the one you have access to via CrowdStrike’s Spotlight, and set up tasks for immediate remediation. Each task will be a separate CVE id with your corresponding impacted hosts.

The new task screens in the console will feature in-progress reporting at the device level for each individual task. Check out this screenshot below for a better idea:

Screen Shot 2021-06-17 at 11.27.25 AM1678×875 65.2 KB

Feel free to DM me. I’d be happy to do a walkthrough of this Task service with you, answer any questions and get your feedback.

Scott, I’m interested in this new task feature. Do you have a partnership with Qualys for uploading vulnerability scan reports?
Thanks,

Jasper

Hey @jgreen! Thanks for your question. We’re actually making the threat remediation ingest totally generic so that you can take a vulnerability scan report from your vendor of choice, upload it into the Automox console and create discrete “tasks” that are CVE specific.

The only requirement for the upload for the first iteration will be that you have a CVE associated to a hostname within the csv that you upload. So, you’ll need to have at very least 2 headers (one for hostname and one for CVE) in the csv.

Initially, tasks will act as “patch-now” meaning there won’t be scheduling or reboot notifications available. We’re hoping to get to that in the second iteration.

Let me know if you have any other questions.

Scott