From the Manage → Remediations page, you can organize vulnerabilities into Automox tasks.
The following topics are described here:
Download a CSV-formatted Vulnerability Report
Follow the instructions in Exporting Vulnerability Scanner Reports to download a CSV-formatted vulnerability report from your third-party vulnerability scanner.
Viewing Remediations
Click the Manage tab and select Remediations → Manual.
Uploading a Vulnerability Report to Create Tasks
You can upload a CSV-formatted vulnerability report from a variety of different CSV providers and start adding tasks.
Note: The maximum file size for CSV uploads is 1 million rows.
Note: If you are accessing the Remediations page for the first time, you may see the options manual import or partner integration. Select the Get Started button for manual import and follow the steps here.
Note: Using Notepad++ to open and save vulnerability scanner exports introduces hidden characters and can cause the manual import to fail. Automox recommends using a different source code editor.
From the Remediations → Manual tab, click Import.
Select the CSV provider format for the report that you want to upload.
Note: The format required for the report is listed in the Expected Format field. Refer to that to ensure that the uploaded file meets the requirements (see also Exporting Vulnerability Scanner Reports).Click Upload File and select the CSV file that was downloaded from the vulnerability scanner.
If Automox determines the size of the file is acceptable, a confirmation shows that the file is accepted without errors and prompts you to click Next.
A message then shows that it is processing the CSV. Click Finish.
Syncing the Imported Report
The mapping process is asynchronous and it takes time to discover hostnames and any CVEs that they are impacted by. A sync is complete once it shows as Ready. Each CSV file has its own row and when the file completes processing it is highlighted.
Table Column |
Description |
---|---|
Name |
Name of the CSV file that was uploaded |
CSV Provider |
Indicates the CSV provider source |
Uploaded By |
Email address of the user who uploaded the file |
Status |
Possible values:
|
Patchable Vulnerabilities |
Number of vulnerabilities and affected devices that can be remediated by Automox |
Unmatched Vulnerabilities |
Number of vulnerabilities and affected devices in your environment |
Unknown Devices |
Number of devices that do not currently exist in your Automox organization |
Updated |
The date the file was uploaded |
Actions |
Options:
|
Remediating Vulnerabilities
You can view the Remediation Details page of any imported CSV file. This provides a detailed view of the specific vulnerabilities affecting your environment and options to remediate them.
From the Manual page, click the name of the CSV file to open the details page.
Identified vulnerabilities are automatically parsed into three categories:
Patchable Vulnerabilities
Unmatched Vulnerabilities
Unknown Devices
Patchable Vulnerabilities
The Patchable Vulnerabilities tab lists vulnerabilities in packages that are grouped by severity. The package includes the CVEs and affected devices.
Note:
This includes third-party vulnerabilities. Refer to Understanding Automox Severity Data for a list of software packages we support updates for.
Each package includes a list of CVEs that will be remediated and a list of devices that will be patched. You can view the details by opening the drop-down menus.
Devices Table Column |
Description |
---|---|
Device |
Name of the device |
Status |
This shows the status of the device: For example, connected or disconnected. |
OS |
This is the OS type of the device: macOS, Windows, Linux |
OS Version |
OS build number |
IP Address |
IP address of the device |
Remediation Status |
Status of the vulnerability remediation for the specific device. Remediation statuses include:
|
Click Remediate to install and patch the devices without a schedule.
After you click Remediate, the remediation status of each device updates as the policies are run. Open the Devices details for a visual depiction of the progress.
Unmatched Vulnerabilities
The Unmatched Vulnerabilities tab lists vulnerabilities and affected devices in your environment. These vulnerabilities require you to specify a Worklet Policy in order to remediate the affected devices. You can view the detailed list of devices by opening the drop-down menu.
Devices Table Column |
Description |
---|---|
Device |
Name of the device |
Hostname |
Permanent device name |
Private IP |
IP address of the device |
Remediation Status |
Status of the vulnerability remediation for the specific device |
Click Remediate With Worklet to view a list of your existing worklet policies to remediate with.
Table Column |
Description |
---|---|
Worklet Name |
Name of the Worklet policy |
OS |
Supported operating systems by the policy |
Notes |
Click this icon to expand a section with notes about the policy |
View Details |
Click this link to open the Edit Worklet page for this policy in a new tab |
You can use the search bar in the Remediate with Worklet window to find a specific worklet.
Click Remediate to schedule the worklet.
Unknown Devices
The Unknown Devices tab lists devices that do not currently exist in your Automox organization. This information can be used to identify gaps in your environment where the Automox agent is not already installed. The list of device hostnames can be exported and used in a tool like Automox Agent Deployer, which supports automatic deployment to CrowdStrike-managed devices.
Click Export CSV for a list of all unknown devices.
Related Topics
See also our documentation for Automated Vulnerability Remediation