After deploying sensors on endpoints, you can view security vulnerabilities and use this information to schedule patches or updates.

You can view all vulnerabilities for your endpoints while logged in to the Carbon Black Cloud console and navigating to the Vulnerabilities > Endpoints tab.

The Inventory > Endpoints screen allows you to access the device's vulnerabilities as well. Double-click a row and locate the Vulnerability severity in the drop-down panel. If you wish to view the updated vulnerability data immediately, click Reassess now.

Endpoints can have multiple vulnerabilities, each with a different risk score. Based on this score, vulnerabilities are filtered by severity - critical, important, moderate, or low. The higher the risk score, the higher the severity. To learn more about severity and risk score, refer to Risk Evaluation.

Critical severity is the default filter. To view all vulnerabilities irrespective of their severity, click All. This view shows the count of all vulnerabilities across all endpoints.

Depending on how you want to view the vulnerability data, you can either select the Endpoints view or the Vulnerabilities view.

Endpoints View

Once you navigate to Vulnerabilities > Endpoints tab, the Endpoints view is available by default. Here you can filter the data by OS and manage the data the sensors gather from all endpoints in your environment. Double-click a row or click the > icon to view more information on related vulnerabilities in the expanded Vulnerabilities details panel. Vulnerability data for each endpoint is refreshed automatically every 24 hours. If you wish to view the updated vulnerability data immediately, click Reassess now from the Vulnerabilities details panel.

Vulnerabilities View

When you select Vulnerabilities from the View by drop-down menu, you can filter data based on Type (App or OS), or based on OS (Windows or Linux).

OS-level and App-level vulnerabilities for Windows endpoints are discovered through the OS details and security patches applied on each endpoint. OS- level and App-level vulnerabilities for Linux endpoints are discovered through the OS details and the list of all installed packages. When the security patch associated with vulnerability is not applied or the package installed is detected to be vulnerable, the system flags the endpoint as vulnerable. For details on how to remediate a vulnerability, see Resolve Vulnerabilities.