From the Manage → Remediations page, you can organize vulnerabilities into Automox tasks.

The following topics are described here:

Download a CSV-formatted Vulnerability Report

Follow the instructions in Exporting Vulnerability Scanner Reports to download a CSV-formatted vulnerability report from your third-party vulnerability scanner.

Viewing Remediations

Click the Manage tab and select Remediations → Manual.

remediations-manual.png

Uploading a Vulnerability Report to Create Tasks

You can upload a CSV-formatted vulnerability report from a variety of different CSV providers and start adding tasks.

Note: The maximum file size for CSV uploads is 1 million rows.

Note: If you are accessing the Remediations page for the first time, you may see the options manual import or partner integration. Select the Get Started button for manual import and follow the steps here.

Note: Using Notepad++ to open and save vulnerability scanner exports introduces hidden characters and can cause the manual import to fail. Automox recommends using a different source code editor.

  1. From the Remediations → Manual tab, click Import.

  2. Select the CSV provider format for the report that you want to upload.
    Note: The format required for the report is listed in the Expected Format field. Refer to that to ensure that the uploaded file meets the requirements (see also Exporting Vulnerability Scanner Reports).

  3. Click Upload File and select the CSV file that was downloaded from the vulnerability scanner. 

  4. If Automox determines the size of the file is acceptable, a confirmation shows that the file is accepted without errors and prompts you to click Next

  5. A message then shows that it is processing the CSV. Click Finish.

add-new-task.png

add-task-csvprovider.png

Syncing the Imported Report

The mapping process is asynchronous and it takes time to discover hostnames and any CVEs that they are impacted by. A sync is complete once it shows as Ready. Each CSV file has its own row and when the file completes processing it is highlighted.

remediations-manual-table.png

Table Column

Description

Name

Name of the CSV file that was uploaded

CSV Provider

Indicates the CSV provider source

Uploaded By

Email address of the user who uploaded the file

Status

Possible values:

  • Ready

  • Building

  • Error

Patchable Vulnerabilities

Number of vulnerabilities and affected devices that can be remediated by Automox

Unmatched Vulnerabilities

Number of vulnerabilities and affected devices in your environment

Unknown Devices

Number of devices that do not currently exist in your Automox organization

Updated

The date the file was uploaded

Actions

Options:

  • View Report

  • Delete

Remediating Vulnerabilities

You can view the Remediation Details page of any imported CSV file. This provides a detailed view of the specific vulnerabilities affecting your environment and options to remediate them.

  • From the Manual page, click the name of the CSV file to open the details page.

Identified vulnerabilities are automatically parsed into three categories:

  • Patchable Vulnerabilities

  • Unmatched Vulnerabilities

  • Unknown Devices

Patchable Vulnerabilities

The Patchable Vulnerabilities tab lists vulnerabilities in packages that are grouped by severity. The package includes the CVEs and affected devices.

Note:

This includes third-party vulnerabilities. Refer to Understanding Automox Severity Data for a list of software packages we support updates for.

manual-patchable-vuln.png

Each package includes a list of CVEs that will be remediated and a list of devices that will be patched. You can view the details by opening the drop-down menus.

Devices Table Column

Description

Device

Name of the device

Status

This shows the status of the device: For example, connected or disconnected.

OS

This is the OS type of the device: macOS, Windows, Linux

OS Version

OS build number

IP Address

IP address of the device

Remediation Status

Status of the vulnerability remediation for the specific device.

Remediation statuses include:

  • Not Started

  • In Progress

  • Success

  • Failed

  • Timed Out

  • Canceled

  • Click Remediate to install and patch the devices without a schedule.

  • After you click Remediate, the remediation status of each device updates as the policies are run. Open the Devices details for a visual depiction of the progress.

Unmatched Vulnerabilities

The Unmatched Vulnerabilities tab lists vulnerabilities and affected devices in your environment. These vulnerabilities require you to specify a Worklet Policy in order to remediate the affected devices. You can view the detailed list of devices by opening the drop-down menu.

Devices Table Column

Description

Device

Name of the device

Hostname

Permanent device name

Private IP

IP address of the device

Remediation Status

Status of the vulnerability remediation for the specific device

  • Click Remediate With Worklet to view a list of your existing worklet policies to remediate with.

Table Column

Description

Worklet Name

Name of the Worklet policy

OS

Supported operating systems by the policy

Notes

Click this icon to expand a section with notes about the policy

View Details

Click this link to open the Edit Worklet page for this policy in a new tab

  • You can use the search bar in the Remediate with Worklet window to find a specific worklet.

  • Click Remediate to schedule the worklet.

Unknown Devices

The Unknown Devices tab lists devices that do not currently exist in your Automox organization. This information can be used to identify gaps in your environment where the Automox agent is not already installed. The list of device hostnames can be exported and used in a tool like Automox Agent Deployer, which supports automatic deployment to CrowdStrike-managed devices.

vuln-sync-unknowndevices.png

  • Click Export CSV for a list of all unknown devices.

Related Topics

Was this article helpful?
0 out of 0 found this helpful