Vulnerability Assessment Dashboard

Applies To: WatchGuard Advanced EPDR This topic applies to the WatchGuard Advanced EPDR endpoint security product., WatchGuard EPDR This topic applies to the WatchGuard EPDR endpoint security product., WatchGuard EDR This topic applies to the WatchGuard EDR endpoint security product., WatchGuard EPP This topic applies to the WatchGuard EPP endpoint security product.

Vulnerability Assessment identifies third-party applications that have available patches or have reached end-of-life (EOL), as well as patches and updates released by Microsoft (for example, operating systems, databases, Office applications).

The Vulnerability Assessment dashboard shows the patch status of Windows, Linux, and macOS computers in your network. Several tiles provide important information and provide links to more details.

To open the Vulnerability Assessment dashboard:

1. In WatchGuard Cloud, select Monitor > Endpoints.
2. Select Status > Vulnerability Assessment.
   The Vulnerability Assessment dashboard opens.
3. To view detailed information, click a tile. The Vulnerability Assessment dashboard includes these tiles:
• Vulnerability Assessment Status
• Time Since Last Check
• End-of-Life Programs
• Available Patches
• Available Patches Trend
• Most Available Patches for Computers
• Programs with Most Available Patches

Vulnerability Assessment Status

The Vulnerability Assessment Status tile shows the status of Vulnerability Assessment on computers in your network. Use this tile to identify problems, such as computers where Vulnerability Assessment did not install correctly, computers with no Vulnerability Assessment license, and other issues.

To open the Vulnerability Assessment Status list filtered to show devices with that status, click a status. The tile shows the number and percentage of computers with these statuses:

• Enabled — Vulnerability Assessment installed successfully, runs with no issues, and the assigned settings enable the module to search for patches automatically.
• Disabled — Vulnerability Assessment installed successfully, runs with no issues, but the assigned settings do not enable the module to search for patches automatically.
• No license — Vulnerability Assessment does not work because no license is assigned to the computer or there are insufficient licenses.
• Installation Error — Vulnerability Assessment could not install.
• No Information — The computer has a license, but has not yet reported status to the cloud, or has an outdated agent installed.
• Error — Vulnerability Assessment does not respond to requests sent from the cloud, or has settings that are different from those configured in WatchGuard Cloud.

To see a list of computers that do not have WatchGuard Endpoint Security, click the computers have been discovered that are not being managed link. The Vulnerability Assessment Status list opens filtered to show computers and devices that do not have WatchGuard Endpoint Security.

Time Since Last Check

The Time Since Last Check tile shows the number of computers that have not connected to the WatchGuard server and reported patch status for more than 3, 7, and 30 days. Use this tile to identify computers that might be at risk and require your attention.

To show the relevant devices, click a number to open the Vulnerability Assessment Status list filtered.

End-of-Life Programs

The End-of-Life Programs tile shows information about programs that have reached or are close to end-of-life, grouped by end-of-life date. End-of-life programs are no longer supported by the software vendor and do not receive patches to resolve security issues and vulnerabilities.

The tile shows the number of computers on the network with these types of programs installed:

• Currently in EOL — Programs that have reached end-of-life and do not receive updates from the vendor.
• In EOL (Currently or in 1 Year) — Programs that have reached end-of-life or will in the next year.
• With Known EOL Date — Programs that have a known end-of-life date more than one year in the future.

To open the End-of-Life Programs list filtered to show the relevant computers, click a number. For more information, go to Review End-of-Life Programs.

Available Patches

The Available Patches tile shows the number of patches of different types that are available for computers on the network.

Numbers on this tile count the same patch multiple times if multiple computers do not have the patch installed. Similarly, a computer counts multiple times if it is missing multiple patches.

The tile shows these types of patches:

• Security Patches — Patches for security issues that are available for installation on your computers.
  • Critical — Security patches classified as critical.
  • Important — Security patches classified as important.
  • Low — Security patches classified as low.
  • Unspecified — Security patches that do not have a severity classification.
• Other Patches (Non-security Related) — Other patches not related to security that are available for installation on computers.
• Service Packs — Patch and hotfix bundles that are missing from computers.

To show the affected computers and relevant patches, click a patch type to open the Available Patches list filtered. To show patches of all types, click View All Available Patches.

Available Patches Trend

Shows the trend of the number of patches that are pending installation on the computers on the network, grouped by severity.

Point to a node on the graph to show a tooltip with this information:

• Date
• Type
• Number of patches

To open the Available Patches list filtered by the selected item, click the legend items below the graph. To open the full Available Patches list with no filters applied, click the graph.

To filter the information in the Available Patches Trend tile, click . You can filter the tile by Computer Type, Operating System Patches, and App Patches. For information on the patches supported by Vulnerability Assessment, go to this Knowledge Base article: Vendors and Apps Supported by WatchGuard Patch Management.

Most Available Patches for Computers

The Most Available Patches for Computers tile lists available patches and the number of devices (in Pending or Pending Restart status) the patch is available for, in descending order from left to right.

To filter the patches in the tile by Criticality, Computer Type, or Patch Type, click.

Point to a box in the tile to see a summary of the patch, including:

• Patch name
• Number of affected computers
• Program (or operating system family)
• Criticality
• Release date
• CVE (Common Vulnerabilities and Exposures) ID

To open the Available Patches by Computer list filtered to the selected patch, click a box in the tile. This list shows the computers and devices missing the patch.

To manage the computers in the Available Patches by Computer list, in the row for a computer, click and select from the menu that opens:

• Install
• Schedule Installation
• Exclude
• Isolate Computer
• View All Available Patches for the Computer
• View Which Computers Have the Patch Available

Programs with Most Available Patches

The Programs with Most Available Patches tile lists the software programs that are missing patches, as well as the number of patches the program is missing, in descending order from left to right. Click a box in the tile to open the Available Patches list filtered to the program. The list shows the program and patch that is missing, as well as the criticality of the patch.

To filter the computers in the tile by Criticality, Computer Type, and Patch Type, click.

Related Topics

Vulnerability Assessment Requirements

About Patch Management