Security Insights is a feature in Lansweeper Cloud currently in Preview mode. It provides insights into which assets are potentially vulnerable. It will not replace a scanner. Features in Preview mode are still being actively worked on in the background, but we feel are already mature enough for you to experience and use while we take your valuable feedback to further improve for the final launch.
Currently, when we calculate the vulnerabilities, we only take the CPEs (CPE: Common Platform Enumerator) we receive from NIST into account. For example, updating the version of a software/library is something easy to track, so if that is the case, it will be reflected once it is updated in the CVE. Still, things like a change in a configuration or a combination of several actions can be complicated to track.
Another example is when a Windows KB (quick-fix) patches a vulnerability but does not change CPE; we will still mark the asset as vulnerable. We currently do not consider Windows KBs if they do not modify the CPE. The CPE is typically only updated when the Windows build number changes.
We are currently working to improve our analysis capabilities, so we can expect to see fewer false positives in the future
