This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

New Preview Capability - Security Vulnerabilities

IainCaldwell
Lansweeper Employee
Lansweeper Employee

‎07-08-2022 10:11 AM - last edited on ‎06-14-2023 08:04 PM by Community Manager

Lansweeper is delighted to announce new capabilities in the security vulnerabilities space. Building on the foundations of our world-class scanning technology Lansweeper has enhanced our software scanning to normalize and enrich with NIST standard naming and identification. This enables Lansweeper to offer value add capabilities matching clients' software against NIST vulnerabilities databases.

This is a preview feature and will be iterated frequently over the next few months before the official release. Please use this space to give suggestions +ve or -ve to help us improve the product.

78 REPLIES 78
sj1
Engaged Sweeper

‎02-06-2023 02:15 PM

Is there any plans on enriching the vulnerability information on whether or not it has been actively seen used in the wild? Perhaps using something like the Known Exploited Vulnerabilities Catalog published by CISA.

Known Exploited Vulnerabilities Catalog | CISA

Jeepinat0r
Engaged Sweeper
In response to sj1

‎02-15-2023 04:04 PM

Following...  This is a critical piece of info that helps us prioritize remediation efforts.

edu_ayus
Product Team
Product Team
In response to sj1

‎02-07-2023 10:21 AM

Hi @sj1 ,

Indeed we are already working to enrich our vulnerability information, and one of the feeds we will use will be the CISA catalog, as you suggested.

I don't have an exact timeframe for it, but it will be in the coming months.

 

 

0 Kudos
whoami
Engaged Sweeper II

‎01-31-2023 10:57 PM

I was wondering if it would be worth having different options for organizing CVE's in Security Insights. Currently they are either Active or Ignored. It would perhaps be cool to be able to apply a custom label for each CVE or predefined one's such as "Under Review", "False Positive", etc. Instead of just "Ignored". 

I saw there are more filters and views for Security Insights which is really cool, but I am still unable to sort by the Assets column. I would like to sort this by count to see which CVE's affect the most assets. 

edu_ayus
Product Team
Product Team

‎01-30-2023 05:34 PM

Hi all!

We are doing today a big release for Security Insights. Customize Views, Advanced filtering, and Export capabilities are now available!

This will cover several of your requests and will provide a complete set of analytic capabilities on this menu.

Please, take a look at this article in the KB, where you can learn how it works: Customize the list of vulnerabilities

We appreciate all your feedback on these new functionalities.

Enjoy it!

0 Kudos
ajlangendijk
Engaged Sweeper III
In response to edu_ayus

‎01-30-2023 05:53 PM

Tried to export from the security listing and that worked. When I open a specific item and then try to export it fails. No error just no export. 

Do like the progress. The additional columns are usefull. Still do not understand where some of the reported vulnerabilities come from. Might be usefull to show a column patch available yes or no. 

For me to use this I would need additional information that helps me to know:

Severity ✔️

Asset ✔️

Software package and version where this is found 

jb_HSI
Engaged Sweeper

‎01-28-2023 03:43 PM

Since it can't detect the update supersedence chain, this feature only serves to confuse and mislead my managers on a dashboard.  Hopefully this works out.  Not getting a lot of use from the cloud offering thus far.  

0 Kudos
edu_ayus
Product Team
Product Team
In response to jb_HSI

‎01-30-2023 05:42 PM

Hi @jb_HSI ,

Thanks for your feedback. Please be patient, considering the feature is still in preview. What you are claiming is something we are currently working to solve, and it will be available in the coming months.

In the meantime, I encourage you to try the new analytic capabilities released today for vulnerabilities. Customizing the views, filtering the vulnerabilities, or exporting the info is already available!

0 Kudos
James12
Engaged Sweeper II
In response to edu_ayus

‎02-13-2023 09:11 AM

What would also be nice is that I don't find today that I have 300 vulnerabilities then tomorrow it becomes 1000+ and then drops again by 1000+ the following day.

There is Something SERIUOUSLY  wrong with scanning of assets,  I have watched a perfectly  good assets come in clean for days and then all of a sudden after being scanned for several weeks, appear to have over 300 vulnerabilities for problems that are resolved by cumulative updates,  suggestion is that I install a patch from 6 months ago, Yet January updates are are clearly on the device, I have a server also missing updates supposedly for over 3 years? Run a report using our Lansweeper server, clean as a whistle, the same data we push to the cloud.

You can filter out stuff all day long but if the data isn't even valid  what is the point of claiming to to be able to scan vulnerabilities, preview or not this is making you look very bad  this becoming more alpha grade code  than preview. and to think your sales guys convinced me to  upgrade our license becuase this product was just about to leave preview and 3 months later all I'm hearing is this is still very firmly in preview mode

edu_ayus
Product Team
Product Team
In response to James12

‎02-13-2023 01:26 PM

Hi @James12 ,

The decision to early release the functionality as preview was made with the aim of detecting (with your help) issues, limitations, or lack of functionality as soon as possible, making it possible to take the vulnerabilities module to the quality level it delivers value to the users.

As soon as we were aware of the limitation of NIST CVEs to detect the installation of KBs through cumulative patches, we started working on a solution that will enrich our vulnerabilities using Microsoft data allowing us to detect installed KBs even if they are individual or part of a cumulative patch.

Sorry for any inconvenience, we continue working hard to fulfill your expectations and recover your trust in this functionality soon.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now