1 - Features

    This section enables vulnerabilities to be identified automatically, without the need for a manual scan.

• CVE: unique identifier used to identify a vulnerability 
• When software is installed, updated or uninstalled, the server receives the information and updates the indicators. 
• When a new CVE is published, the indicators are updated and an email notification is sent if necessary.
• Global vulnerability indicators:
• For a list of vulnerable software, click on the Vulnerabilities tab.

• For a list of vulnerable software, click on the Vulnerabilities tab.

• You will then see a list of software vulnerabilities and system vulnerabilities (Windows KB).

• Each entry can be clicked to obtain detailed information, the list of CVEs and the workstations affected:

2 - Applications inventory

 This section enables you to list all the tools and software installed on your computer, even if they do not present any vulnerabilities.

To obtain this view, simply click on the vulnerabilities tab and remove the CVE Count filter:

You can then view all existing software, even if it contains no vulnerabilities.

3 - Recommandation

It is recommended that you update the software listed in the "Top vulnerable programs" graph as a matter of priority.

4 - Virtual patching

When a new critical vulnerability has just appeared in an Endpoint, we can apply, with the customer's authorisation's, a virtual patching, which is an additional layer of security to protect this system vulnerability against any exploitation, while waiting for the manufacturer of the software affected by the vulnerability to update it.

    This patch is only a temporary solution that must be removed once the new updates containing the necessary security patches have been installed.