Automox Vulnerability Sync enables you to upload reports from a vulnerability scanner and organize vulnerabilities into tasks. A vulnerability scan (a CSV vulnerability report from your preferred vulnerability scanner) must identify CVE IDs (common vulnerability enumerators) and hostnames. When a .CSV file is successfully synced, Automox creates remediations grouped by the patch that applies to CVEs and devices in the file. The CVE and severity data mapping is based on our internal vulnerability mapping. This task service also shows when hostnames are not found (due to a missing Automox agent), when duplicate hostnames are listed, and when CVEs are uploaded from the CSV file that Automox is not aware of. This can be due to the fact that either we have not yet synced the threat data, or the CVE is associated with a third-party application or a macOS device that Automox does not yet have vulnerability mapping for.
In addition, you can review real-time task execution statistics including device-level details about success, failure, and other remediation processes/results. Summaries of execution statistics for individual tasks are also available to review.
Remediation is currently for Windows and Linux OS only
The Automox agent must be installed on the devices
Tasks cannot be deferred
If devices require a restart to finish the process, the remediation will not happen automatically
Notifications and patch deferrals are not available at this time
A task cannot be stopped after it has been started
The upload file requirements: CSV format, less than 1 GB in size, must include hostname and CVE number
For further questions, submit a request in our customer portal.