Skip to main content

Vulnerability Sync Updates

  • January 21, 2022
  • 3 replies
  • 400 views
JessicaS-Automox
Forum|alt.badge.img

Hey everyone! :wave:

If you haven’t already seen it, we’ve made updates to the vulnerability sync experience in the console :grin:

 

Now there are more options for what CVE report type can be uploaded to the Automox console. We’ve added Qualys to our list of supported reports! Of course, you can continue to use CrowdStrike, Rapid7, and Tenable reports, or select “Generic Report” in other scenarios.

3d94oLAGc2Q2kxS_4Mg2B1DpnkVetwp7CFWEikhnePFQQfjbRQEojZHjuG-NvDOOCBjcpDCSEv_OAjNtdClHVeQuJkUN8K3QGXnsrYc80Evskc5FZIIfWRnoH4poIAjRY_adtOP6

Additionally, our Tenable support has been updated so you no longer need to manually modify it to be compatible with Automox - the report format is now supported out-of-the-box. We hope this expedites your workflow even more, so that you can fix vulnerabilities quickly!

 

We now also use case insensitive lookups, which should make searching by hostname or FQDN much smoother than before.

 

Which CVE report type does your organization use? Drop a comment below!

 

‘Til Next Time,

Jessica Starkey | Technical Marketing Engineer

C
1 person likes this
  • C
    Cortelli
How helpful was this post to you?

3 replies

C
  • ChrisG
  • Rookie
  • 1 reply
  • January 28, 2022

Hi there,

We are using the Crowdstrike input, however we come across a number of potential issues with the label “CVE Not Applicable”. What does this mean as I cannot find any other information on the community. 

Thanks!

Brittany
Forum|alt.badge.img
  • Brittany
  • Pro
  • 40 replies
  • January 28, 2022
ChrisG wrote:

Hi there,

We are using the Crowdstrike input, however we come across a number of potential issues with the label “CVE Not Applicable”. What does this mean as I cannot find any other information on the community. 

Thanks!

Hey @ChrisG -

Thanks for checking in! I asked my Vulnerability Sync team and they said that the issue could be caused by CVEs that are superseded by other CVEs (addressed in another CVE/update-set) or by CVEs that require changes in configuration (not exclusive to a simple application of a patch alone and/or automation is not yet supported due to the nuance of the change).

Hope that helps answer your question.

JessicaS-Automox
C
2 people like this
  • JessicaS-Automox
    JessicaS-Automox
  • C
    ChrisG
J
Forum|alt.badge.img

We use Qualys.  Thanks for the update!

Reply


Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings