The following are common questions and answers about Automated Vulnerability Remediation (AVR)
If I execute any actions from AVR, will it restart those systems?
No - The patch executes, but the system is not restarted
Can I recreate a connection?
If an API key needs to be updated, we currently recommend creating a new connection with the updated API key and region information.
Can Automated Vulnerability Remediation be used with Rapid7 Nexpose?
No - AVR is a platform to platform integration and does not support pulling data directly from the Rapid7 Nexpose console.
Is it currently possible to leverage worklets from the Worklet Catalog for remediations?
It is possible to use worklets from the catalog as long as the worklet has already been defined as a custom policy within the organization.
Is it possible to configure the integration to run at a particular time during the day?
No - The integration with Rapid7 is only configured to run on a schedule once per day at 4 AM MT.
Why don't I see any CVEs for App Store on macOS?
Automox now includes severity data for native macOS packages. However, updates for applications that are included with macOS are updated as part of the OS update. For example, App Store would be updated when you install the macOS update. For more information, see macOS Best Practices: Patch Notifications & CVEs.
Troubleshooting
When a saved configuration runs, I receive an “invalid action connection unauthorized” error.
This error occurs when an invalid API key or region is selected when creating a connection. Create a new connection and verify the API key and region are correct for your Rapid7 Platform organization.
Comments
0 comments
Article is closed for comments.