What is the Vulnerability Assessment of products based on Aether Platform?

The vulnerability assessment module built on Aether platform finds computers on the network with known software vulnerabilities and reports on the availability of patches to mitigate vulnerability impact on computers.

Vulnerability assessment supports Windows, macOS, and Linux operating systems. It identifies third-party applications that have missing patches or have reached end of life (EOL), as well as the patches and updates released by Microsoft for all of its products (operating systems, databases, Office applications, etc.).

Vulnerability assessment does not install the identified patches on managed computers. You can install the required patches on your own or purchase the Patch Management module to install the patches centrally from the Aether products console.

Vulnerability Assessment Settings
To enable the solution to automatically search for available patches, enable Automatically search for patches. If this option is not enabled, the solution lists do not show missing patches, although you can use patch installation tasks to install missing patches on computers.

Network administrators can choose between installing patches manually or using a third-party tool. However, by purchasing the Patch module, you can install patches centrally and automatically from the Advanced EPDR console.

Search frequency
Search for patches with the following frequency specifies how often vulnerability assessment searches the cloud-based patch databases to check for missing patches for your computers.

Patch criticality
Specifies the importance (or criticality) of the security patches that vulnerability assessment searches for.

Windows Service Packs are not applied to macOS or Linux computers or devices

Software vendors define the importance of the security patches they make available to address vulnerabilities. Patch classifications are not universal and vary by vendor. To determine whether you want to install a patch, we recommend that you review its description, especially for patches that a vendor does not classify as Critical.

Patches containing bug fixes and feature enhancements for macOS and Linux are included in the Other patches (non-security related) category.
Vulnerability Assessment System Requirements
Supported Windows operating system versions

• Workstations
  • Windows 7 (32 and 64-bit)
  • Windows 8 (32 and 64-bit)
  • Windows 8.1 (32 and 64-bit)
  • Windows 10 (32 and 64-bit)
  • Windows 11 (64-bit)
• Servers
  • Windows 2008 (32 and 64-bit) and 2008 R2
  • Windows Small Business Server 2011, 2012
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server Core 2008, 2008 R2, 2012 R2, and 2016
  • Windows Server 2022

Supported macOS operating system versions

• macOS Catalina 10.15
• macOS Big Sur 11
• macOS Monterey 12
• macOS Ventura

Supported Linux operating system versions

• Supported 64-bit distributions:
  • Red Hat: 7.0, 8.0
  • CentOS: 7.0
  • SUSE Linux Enterprise: 12, 15

Permissions required

• Configure vulnerability assessment
  Create, edit, delete, copy, or assign vulnerability assessment settings profiles.
• View available patches
  View vulnerability assessment settings profiles.

Vulnerability Assessment Status
Shows computers where vulnerability assessment is working correctly and computers where there have been errors or problems installing or running the module. The status of the module is represented with a circle with different colors and associated counters. The panel shows the number and percentage of computers with the same status.

To access the dashboard, select Status from the top menu. Select Vulnerability assessment from the side menu. You can see either of these values for each computer or device:

• Enabled
• Disabled
  
• Install error
  
• No license
  
• No information
  
• Error

Time since last check
Shows the number of computers that have not connected to the cloud and reported patch status for more than 3, 7, and 30 days. Use this panel to identify computers that might be at risk and require your attention.

End-of-Life programs
Shows information about programs that have reached or are close to end of life, grouped by end-of-life date.

Available patches
Shows the number of patches of different types that are available for computers on the network. Numbers in this panel count the same patch multiple times if multiple computers do not have the patch installed.

Available patches trend
Shows the trend of the number of patches that are pending installation on the computers on the network, grouped by severity.

Most available patches for computers
Lists available patches (in Pending status) and the number of devices the patch is available for, in descending order from left to right.

Programs with most available patches
Lists the programs that are missing patches, as well as the number of patches the program is missing, in descending order from left to right

Available patches by computers
Shows all patches that are available for computers and information about patches in the process of installation.

Filters applied to patches:

• Criticality
  • Other patches (non-security related)
    
  • Critical (security-related)
    
  • Important (security-related)
    
  • Moderate (security-related)
    
  • Low (security-related)
    
  • Unspecified (security-related)
  • Service Pack
• Computer type
  
• Type of device affected by the patch.
  
  • Workstation
    
  • Laptop
    
  • Server
    
• Platform
  
• Operating system installed on the computer.
  
  • All
    
  • Windows
    
  • Linux
    
  • macOS
    
• Patch type
  
• Type of software affected by the patch.
  
  • App patches
    
  • Operating system patches
    

Vulnerability Assessment Lists
You can create and save Vulnerability Assessement lists from My lists, Add.

Help nº- 20230612 700151 EN