CVE Based Vulnerability Scanning
J
Jose Soto
Clients really want to be able to sync CVE Based Vulnerability Scanning into other reporting products such as NinjaOne who have recently released a vulnerability integration for vendors. It would help during our sales process to have that and specifically with NinjaOne. Even the ability to add an exported spreadsheet would be very helpful.
Patrick Sofo [Security Product Manager]
Merged in a post:
Vulnerability Scanner
J
James Stull
I would love to have vulnerability scanning built into huntress to let me know if any OS or 3rd party applications are out of date and vulnerable. Even better is if we could then use the built-in winget to update those applications.
Peter O'Hara
check out roboshadow.com. It has a free option and next option up is minimal spend. they are building a Cyber RMM in the near future. For an MSP is free value-add that can be charged to customers as part of the service.
M
Matt Gerbrandt
Check out hackertarget.com, look what there doing with NMAP and OpenVAS scanners. Have Huntress auto detect public IPs, give your customers the click of a button to enable NMAP, OpenVAS scheduled scanning, do change management like they are, so we can be alerted when there is a new port or vuln detected, have that integrate into PSA integration.
J
James Stull
A way to make this happen, is just digest the information from Defender for business. It has a full vulnerability and best practice configuration to limit attack surface. Huntress could digest this info, and help us come up with a plan, or even better give us an easy button for common configuration changes and update 3rd party apps through winget or something to help limit vulnerabilities.
Mason Schmitt
Yes! Our RMM tool is supposed to provide us with accurate reporting of OS patches, but it currently is not reliable. We really need a tool to verify that patches are actually installed. Doing the same for a number of common applications would also be good. I think this functionality would fit well with Huntress' locally installed agent.
I'm less certain about having Huntress scan the network to look for vulnerabilities. I assume this would happen either via installing a special scanning agent in a privileged position in the network or with Huntress scanning remotely over a VPN. I really don't like the latter option and probably wouldn't use it. The former would be acceptable, but when considering some of the other feature requests I'd place this one well down the priority list.
D
Derrick Bennett
I'm not sure on it's capabilities, but I was notified through huntress (albeit a day after the news broke) about a large vulnerability discovered in my Veeam software, so I feel like there's already something in place, but a more robust feature would be awesome.
E
EG
Derrick Bennett: We received a similar one, which was awesome. Link to the KB article and everything, which was a nice touch.
C
Chris Wiegman
Add a whole network scan options as well :)
E
Eneida'la Kertzmann'la
CyberCNS is trying to do this, but they make it impossible to know which patches solve which CVEs. If you go this route it has to be user friendly.
J
James Bierly
The Paid version of Defender provides that from the console. Consider using it as your EDR
Load More
→