Security Scan
Security Scan is a powerful tool that allows you to schedule regular or one-time vulnerability scans of all the devices or specific ones.
You can scan all possible vulnerabilities creating a Scan task in the Security subsection on the Vulnerabilities tab or designing a corresponding Workflow.
After a security scan reveals some security breaches, for example, unwanted software, enabled autorun, or disabled antivirus, you can automatically remediate them using ready-made and tested resolution workflows in Workflows section.
For those flaws that can't be automatically fixed, you can find a recommended solution by clicking the 'View Details' link in the summary tab on a specific vulnerability page.
For more information check the Security Content Library page.
|
Important Information Security scans can take 2-5 minutes or longer to complete, we recommend scanning all devices every day |
| ❶ |
Create: From the main menu go to Tasks > Click '+Create' > Choose 'Security Scan' or Select 'Security Scan' directly from the list of tasks in the left pane. You can also initiate this task from the Device section by right-clicking a selected device and choosing the desired task. This method targets only the specific device currently being viewed. |
| ❷ |
Where: Select which devices to scan using either Predefined Device Queries, User Defined Device Queries, Device Groups, Specific Devices & Active Directories, or All Devices > Click 'Next'. Although groups and queries can be used, we recommend scanning every device. |
| ❸ |
What: Select the security vulnerabilities you wish to scan for using either Custom Query, Group, Specific, or All security vulnerabilities > Click 'Next'. Although groups and queries can be used, we recommend scanning for everything. |
| ❹ |
When: Select when you would like your scan to run > Click 'Next'. You may configure Maintenance Windows during which a Security Scan task will be completed, a repeat interval such as 'repeat every Monday' for unsuccessful devices, and the Protect option to ensure the security scan does not run during important business hours. It's strongly recommended to create a recurring Security Scan Task with Maintenance Windows. The recommendation is to scan all devices on a perpetual basis; the maintenance window provides this level of recurrence with a set task duration. |
| ❺ |
Summary: Review the settings of the task and if configured correctly > Click 'Finish' to save the task. |
TroubleshootingTroubleshooting
The list below will highlight some of the possible result statements with resolution.
| Issue/Result Statement | Reason/Resolution |
| 'Not Connected' | The device has a MicroAgent already installed, and it is not responding. The device is offline/not connected to the network. |
| 'Partial success' | The device started the task and completed a scan of some of the updates; however, the device could not complete the task. |
| 'Target device disconnected' | The device started the task target device disconnected before any updates were scanned. |
| 'Lost Connection' | The device started the task but disconnected at any point in the task. Typically shown if target device disconnected before any updates were scanned. |
| 'Not enough free disk space' | The device does not have enough disk space to download the content. Ensure target device has enough disk space and re-attempt deployment task. |
| 'Thread Being Aborted' or any other 'ErrorCode' | The device likely has existing security software that does not trust Absolute. 3rd party software must be populated with exclusions to trust this solution. |