I’m kind of an “off-the-rack” guy when it comes to a lot of things. Buying a new shirt? I’m good with most anything I can find at a local or online store. Ordering a meal from my favorite hamburger joint? I’m good with regular fries, no need to substitute onion rings. Stopping at a convenience store to get a Diet Coke? Give it to me the way it was originally intended with none of these flavor mix-ins.
When it comes to some things, however, I like a little more say in what I get. Buying a new TV? Give me an OLED screen over an LCD screen any day. Using Microsoft Word to write this blog? I’ve got to add the Spelling and Grammar option to the Quick Access Toolbar.
I think most people feel similarly. Some things we care about more, some things we care about less, but it is always good to have options.
#ZENworks2020 introduced the ability to identify the software vulnerabilities that impact devices in your zone, remediate those vulnerabilities, and track the remediation progress across all devices. To help you do this, we included three new dashlets on the Security dashboard: the Top CVEs dashlet, the CVE Severity Distribution dashlet, and the CVE Tracker dashlet.
As we designed the dashlets, we tried to present an “off-the-rack” view of what we thought you’d be interested in. We also realized, however, that you might want to have some options, so we made it possible to easily customize the data that is displayed. Today I thought I’d walk through some examples of possible customization.
The dashlet filters, which are available when you expand a dashlet, control the data that is displayed. By default, the dashlet shows the CVEs that are applicable to the devices to which you have Administrator Device Rights, but you can use the filters to limit the scope to specific device folders, device groups, device types, or platforms.
So, for example, you could create custom CVE Severity Distribution dashlets that show the CVE distribution for your Windows 10 devices, for your Windows Servers, or for a particular device group such as your Sales group.
The filters aren’t limited to controlling the scope of devices included in the dashlet. You can also select which vendor’s CVEs and CVE severities are included in the dashlet.
In the following examples, a combination of the device, vendor, and severity filters have been used to create customized CVE Severity Distribution dashlets. In the first example, the Vendor filter is configured to show CVEs for Microsoft software and the Device Group filter is set to include only Windows 10 workstations. The second example is configured to show only Critical and High severity Microsoft CVEs for Windows 7 workstations. The third example shows, Critical, High, and Medium severity Adobe CVEs for all Windows devices.
The Top CVEs dashlet has the same filters as the CVE Severity Distribution dashlet plus one more – the Top CVEs Based On filter.
This filter lets you determine the sort order for the dashlet. The default order is by most recently released but you can also sort by most number of vulnerable devices or by CVE severity.
The following Top CVEs dashlets show examples of each sort order with some additional device, vendor, and severity filters applied. The first dashlet is configured to display the 10 most recently released CVEs that are applicable to the Sales devices. The second dashlet displays the 10 Microsoft CVEs with the most number of vulnerable Windows 10 devices. The third dashlet shows the 10 most severe CVEs for Windows 7 devices but only includes Critical, High, and Medium severity CVEs.
The grid columns in the expanded dashlet can also be customized to show two additional columns – Not Vulnerable and Last Modified. The Not Vulnerable column displays the number of devices that the CVE applies to but that are not vulnerable to the CVE because they have been patched. The Last Modified column shows the date the National Vulnerability Database last modified the CVE information.
By default, the CVE dashlets are pinned to the Security dashboard. You can also pin a dashlet to the Home dashboard.
Or, if you want to remove the dashlet from the Security dashboard without deleting it, you can unpin it from all dashboards. At that point, it is stored on the dashboard selector’s Saved panel.
If you are an “off-the-rack” kind of person, we anticipate that the default CVE dashlets in ZENworks 2020 will provide you with a great view of the software vulnerabilities impacting your devices. But if you are not, even occasionally, the customization capabilities of the CVE dashlets provide a great option to give you that custom experience you are looking for.
Thanks for spending a few minutes with me. Look for my next blog, Emerging threat? No problem. Track it, remediate it, repeat as necessary, on February 11, 2020.