Automation Config uses an automated process to search for the latest security advisories along with the software packages or versions to fix nodes that are impacted by those vulnerabilities. This content is built and updated continuously in the vulnerability library.

When a new advisory or remediation is available, Automation Config bundles the library into a tarball and makes it available for download to Automation for Secure Hosts Vulnerability customers. By default, Automation Config checks for new content daily.

The vulnerability library tarball is encrypted before it is made available to Automation for Secure Hosts Vulnerability customers to ensure data integrity. A Secure Hosts Vulnerability license comes with the necessary keys to decrypt the tarball once it is downloaded. When Automation for Secure Hosts Vulnerability ingests a new tarball, it may take 15-20 minutes to get the latest content, which can impact performance. If you use the default process to update the vulnerability library, you should expect this performance delay the first time you download this content after installing and activating Automation for Secure Hosts Vulnerability. Then, when a new tarball is available for download, it is ingested and updated. However, you can experience the 15-20 minute delay during ingestion again, depending on the timing of the update. You can reduce the possibility of this delay by updating the vulnerability library manually. To update the content manually, click Administration > Secure Hosts. Under Vulnerability Content click Check for updates.

Note: The Package ID matches the UUID of the content tarball provided by Automation Config. However, if you notice a mismatch between the two IDs, this is because the tarball has been renamed. Check the name of the file you uploaded to ensure it still has the original filename provided by Automation Config. It might have been modified by a user, or by a computer.