SVM's actionable vulnerability assessment results are achieved by performing a file-level scan against special criteria we have identified (referred to as a file signature). This capability provides definitive, actionable insights about the vulnerability status of a specific version of software on your endpoints. Such results require the SVM scanner to be executed on the desired endpoints. Often this is achieved by running a scheduled task with an endpoint management solution like ConfigMan, Intune, or Workspace ONE. Alternatively, the scanner may be installed as an agent.
However, we are often asked by our customers if an assessment may be made against existing software inventory data to avoid the need to run scans on endpoints. While a file-based scan using our file signatures will always provide the best possible results, we are introducing an alternative inventory-based assessment. This beta feature of SVM can provide directional (less definitive) inventory results depending largely upon the detail of the version information contained in the supplied inventory data. An inventory-based vulnerability assessment may be desired if:
You can now import a software inventory in SVM for vulnerability assessment. Inventory data is easily exported to a CSV file from endpoint management systems like Microsoft ConfigMgr, Intune, Workspace ONE, or software inventory and asset management solutions like Flexera FNMS. SVM accepts a simple CSV file for inventory import. While it may include additional columns, which the scan disregards, the CSV file must contain the columns product, vendor, and version. If necessary, rename the appropriate columns at the start of your CSV file to match these specific names before importing.
Click on Import Inventory to browse to a CSV file that contains the inventory.
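The column requirement above can be checked before import. The following is an added example, not Flexera code: it renames export headers to product, vendor, and version and lists rows whose version is empty or coarse. The alias names, the sample rows, and the "fewer than three numeric components" threshold are assumptions made for illustration.

```python
import csv
import io
import re

REQUIRED = ("product", "vendor", "version")
# Hypothetical source header names (assumption); adjust to your export.
HEADER_ALIASES = {
    "product": "product", "productname": "product", "displayname": "product",
    "vendor": "vendor", "publisher": "vendor",
    "version": "version", "productversion": "version", "displayversion": "version",
}
# Constructed sample export, not real inventory data.
SAMPLE = """Publisher,DisplayName,DisplayVersion,Hostname
Example Corp,Example Reader,11.2.0.4431,PC-001
Example Corp,Example Player,3,PC-001
Sample Soft,Sample Sync,,PC-002
"""

def prepare_inventory(src_text):
    """Return (csv_text, warnings) with headers renamed to the required names."""
    reader = csv.DictReader(io.StringIO(src_text))
    fields = reader.fieldnames or []
    rename = {}
    # Columns already carrying a required name take priority over aliases.
    for col in sorted(fields, key=lambda c: c.strip().lower() not in REQUIRED):
        target = HEADER_ALIASES.get(re.sub(r"[^a-z]", "", col.lower()))
        if target and target not in rename.values():
            rename[col] = target
    missing = [c for c in REQUIRED if c not in rename.values()]
    if missing:
        raise ValueError(f"inventory lacks required column(s): {', '.join(missing)}")

    extra = [c for c in fields if c not in rename]  # kept; the scan disregards them
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=list(REQUIRED) + extra, lineterminator="\n")
    writer.writeheader()
    warnings = []
    for row in reader:
        clean = {rename.get(k, k): (v or "").strip()
                 for k, v in row.items() if k is not None}
        version = clean["version"]
        if not version:
            warnings.append((reader.line_num, clean["product"], "no version"))
        elif len(re.findall(r"\d+", version)) < 3:  # assumed threshold for "coarse"
            warnings.append((reader.line_num, clean["product"],
                             f"coarse version {version!r}"))
        writer.writerow(clean)
    return out.getvalue(), warnings
```

Rows that appear in the warnings list are the ones most likely to receive a less definitive result, since the assessment depends on the version detail supplied.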
You may import multiple inventory files into SVM. To better identify those inventories, they may be named upon import (a default name is populated to match that of the CSV file name). After an inventory is imported successfully in SVM, you will see it assigned one of the following statuses:
Determining the vulnerability status of software based on inventory information can be challenging due to a lack of detail (especially when a full, detailed version number is required to determine security status and inventory reports seldom include such detail). To better account for the less definitive nature of inventory-based assessment, the following statuses have been introduced for inventory-based assessment:
This new Inventory Assessment capability is in beta. Please play with it and provide feedback in the SVM Discussion Forums as we plan to enhance this feature in future releases. Currently planned enhancements include:
We would love to hear any feedback or ideas you may have to improve this evolving inventory assessment capability to better serve you. Please submit your ideas on the Flexera Idea portal or discuss in the SVM Discussion Forum.