Security Resolve
Security Resolve is a powerful solution that allows you to automatically fix all the system vulnerabilities and misconfigurations right after they're detected during the Security Scan process.
You can fix the vulnerabilities without writing a single line of code, creating a Security Resolve task in the Security subsection on the Vulnerabilities tab.
After a Security Scan reveals some security breaches, for example, unwanted software, enabled autorun, or disabled antivirus, you can automatically remediate them using ready-made and tested resolution workflows in Automated Workflows.
For those flaws that can't be automatically fixed, you can find a recommended solution by clicking the View Details link in the summary tab on a specific vulnerability page.
❶ |
Create: From the main menu go to Tasks > Click '+Create' > Choose 'Patch Scan' or Select 'Patch Scan' directly from the list of tasks in the left pane. Or right-click the vulnerability you would like to fix from the list of Vulnerabilities and choose 'Security Resolve' This will open a Task Wizzard. You can also initiate this task from the Device section by right-clicking a selected device and choosing the desired task. This method targets only the specific device currently being viewed. |
❷ |
Where: Select security flaws on which devices to fix using either Predefined Device Queries, User Defined Device Queries, Device Groups, Specific Devices & Active Directories, or All Devices > Click 'Next' Although groups and queries can be used, we recommend fixing security issues on every device. |
❸ |
What: Choose the security issue you wish to fix automatically by selecting it from the list (you can fix flaws only one by one) > Click 'Next' |
❹ |
When: Select when you would like your vulnerabilities remediation to run > Click 'Next' You may configure a Maintenance Windows during which a Security Resolve task will be completed, a repeat interval such as 'repeat every Monday' for unsuccessful devices, and the Protect option to ensure the task does not run during important business hours. It's strongly recommended to create a recurring Security Resolve Task with Maintenance Windows. The recommendation is to fix vulnerabilities on all devices on a perpetual basis; the maintenance window provides this level of recurrence with a set task duration. |
❺ |
Summary: Review the settings of the task and if configured correctly, click Run Now to save and run the task. |
TroubleshootingTroubleshooting
The list below will highlight some of the possible result statements with resolution.
Issue/Result Statement | Reason/Resolution |
---|---|
'Not Connected' | The device has a MicroAgent already installed, and it is not responding. The device is offline/not connected to the network. |
'Partial success' | The device started the task and completed a scan of some of the updates; however, the device could not complete the task. |
'Target device disconnected' | The device started the task target device disconnected before any updates were scanned. |
'Lost Connection' | The device started the task but disconnected at any point in the task. Typically shown if target device disconnected before any updates were scanned. |
'Not enough free disk space' | The device does not have enough disk space to download the content. Ensure target device has enough disk space and re-attempt deployment task. |
'Thread Being Aborted' or any other 'ErrorCode' | The device likely has existing security software that does not trust Absolute. 3rd party software must be populated with exclusions to trust this solution. |