CVE Based Vulnerability Scanning | Voters

CVE Based Vulnerability Scanning

Winona Olson

There don't seem to be many products in the MSP space that do CVE-based alerting. Those that do try to be "one stop" tools that replace Huntress (such as RocketCyber.)

I would love it if you added this as a feature, even if it was an add-on.

June 29, 2021

Patrick Sofo [Security Product Manager]

Merged in a post:

Vulnerability Scanner

James Stull

I would love to have vulnerability scanning built into huntress to let me know if any OS or 3rd party applications are out of date and vulnerable. Even better is if we could then use the built-in winget to update those applications.

March 1, 2024

Peter O'Hara

check out roboshadow.com. It has a free option and next option up is minimal spend. they are building a Cyber RMM in the near future. For an MSP is free value-add that can be charged to customers as part of the service.

Matt Gerbrandt

Check out hackertarget.com, look what there doing with NMAP and OpenVAS scanners. Have Huntress auto detect public IPs, give your customers the click of a button to enable NMAP, OpenVAS scheduled scanning, do change management like they are, so we can be alerted when there is a new port or vuln detected, have that integrate into PSA integration.

James Stull

A way to make this happen, is just digest the information from Defender for business. It has a full vulnerability and best practice configuration to limit attack surface. Huntress could digest this info, and help us come up with a plan, or even better give us an easy button for common configuration changes and update 3rd party apps through winget or something to help limit vulnerabilities.

Mason Schmitt

Yes! Our RMM tool is supposed to provide us with accurate reporting of OS patches, but it currently is not reliable. We really need a tool to verify that patches are actually installed. Doing the same for a number of common applications would also be good. I think this functionality would fit well with Huntress' locally installed agent.

I'm less certain about having Huntress scan the network to look for vulnerabilities. I assume this would happen either via installing a special scanning agent in a privileged position in the network or with Huntress scanning remotely over a VPN. I really don't like the latter option and probably wouldn't use it. The former would be acceptable, but when considering some of the other feature requests I'd place this one well down the priority list.

Derrick Bennett

I'm not sure on it's capabilities, but I was notified through huntress (albeit a day after the news broke) about a large vulnerability discovered in my Veeam software, so I feel like there's already something in place, but a more robust feature would be awesome.

Derrick Bennett: We received a similar one, which was awesome. Link to the KB article and everything, which was a nice touch.

Chris Wiegman

Add a whole network scan options as well :)

Brian Arredondo

CyberCNS is trying to do this, but they make it impossible to know which patches solve which CVEs. If you go this route it has to be user friendly.

James Bierly

The Paid version of Defender provides that from the console. Consider using it as your EDR

Andrew Starr

Would love to see this feature

→