Kaseya Community

Software Management- Reported Vulnerabilities

  • Hello All-

    Wondering if anyone has come across the following and found a solution.

    We have been patching our endpoints using software management and I have been trying to get a grasp on the vulnerabilities that are reported in the dashboard.  Since we have no control on the dashboard view (which is very broken in my opinion) do we have to rely on the report module to separate the vulnerability counts to only reflect the patches that we are approving?

    We use the Dashboard and vulnerabilities view to give us an idea of how we are doing but if we are not approving some patches and have set Reject overrides, the dashboard and vulnerability count per machine will never separate those that we are not pushing.

    In short, is there any way to stop showing the count of all vulnerabilities per endpoint and only show the applicable /approved ones?  Similar to how patch management would handle patch approval and not show outstanding patches that were not in the approved category.

  • Mikey,

    Unfortunately this has been labeled by Kaseya as a feature request, it has caused much confusion with our clients and we essentially had to not allow access but to ourselves for these dashboards and completely rely on crafting reporting (which options are also very poor for software management) to get accurate numbers for what is actually missing on nodes.

    Thanks

  • In comparison to the patch management module which shows clearly what is installed, what needs to be installed and what has been denied.  The lack of this distinction is a serious failing in Software management where a vulnerability remains even if in my professional opinion is unrequired and I have denied it.  EG a patch for time zone in Fiji I do not need installed but it continues to show as a vulnerability even though I have denied it.  

    If this is regarded a a feature request then there must be some serious limitation in the people who planned and created this module, possibly they have no real world experience?