Ivanti Cloud

Home 

Patch Intelligence

Ivanti Cloud delivers a Patch Intelligence application that gathers and aggregates data to help manage, prioritize and streamline patching in your environment.

Ivanti and User known issues can be used to highlight potential issues with individual patches.

You can filter and order the patches by Type, which gives you a priority order to apply patches to resolve the largest problems first—for example, Security Critical and Security Important.

Bulletin and Patch threat scores can be used to help the prioritization.

Not only is Patch Intelligence a proactive tool used by IT Ops teams to plan the deployment of patches, it can also be used reactively. For example, technical support investigating an issue can check the reliability ratings and feedback for recently applied patches that may be pertinent to the issue they're investigating.

To access Patch Intelligence, click Software > Patch Intelligence in the left navigation pane.

Add a Connector

To add an Ivanti Endpoint Manager (EPM) connector select Add Connector at the top of the dashboard, the Help panel Get Started with Connectors slides out, select Go To Connectors which walks you through the steps required.

Alternatively:

1.Open the Setup menu.

2.Select Connectors. See the Setting up connectors topic for further details.

3.Select Add Connector for the desired server.
The connector tiles display.

4.Select the Endpoint Manager (EPM) tile.
The EPM connector form displays. For more information on how to complete the form see Endpoint Manager connector.

All Bulletins

Once a connector has been added the Patch Intelligence dashboard displays all the devices in the connected environment, called My Environment. To switch the view back to display all released bulletins, select All Bulletins.

Dashboard pie charts

The Patch Intelligence dashboard contains 3 charts; you can click any colored segment on a chart to filter the results in the bulletin table below the charts. To remove any applied filters, click

The chart types are:

  • Top Vendors: The top 5 vendors that have released the most bulletins within the last 14 days.
  • Bulletin Types: The number of each type of bulletin across all vendors released within the last 14 days.
  • MS Patch Tuesday: All of the Microsoft Patch Tuesday bulletins, categorized by vendor and severity.

Why 14 Days? - Research has shown that patching vulnerabilities within 14 days of identification is the optimum period to reduce risk of exploitation.

Bulletins

The bulletin table contains a list of all the latest validated bulletins with associated patches, listed in date order by default. You can customize the view by filtering, sorting, or searching by keyword (see below).

You can customize the table view using the Column Chooser . Available columns are:

  • Reliability: helps to determine the usefulness and stability of the patch. The number of successful installations determines the score given:
    • Green indicates a score of 0.1 - 3.9
    • Yellow indicates a score of 4.0 - 6.9
    • Red indicates a score of 7.0 - 10

    The Reliability column is only available when a connector is added.

  • Threat: Highest NVDClosedNational Vulnerability Database CVSSClosedCommon Vulnerability Scoring System v3 score taken from all CVEs associated with patches in the bulletin. If v3 is not available the v2 score is taken. N/A displays if no score is available.
    • Green indicates a score of 0.1 - 3.9
    • Yellow indicates a score of 4.0 - 6.9
    • Red indicates a score of 7.0 - 10

NISTClosedNational Institute of Standards and Technology can take up to 2 weeks to update their website.

  • Bulletin Id: Bulletin Id. Click to open the Bulletin Information.
  • Title: Bulletin title.
  • Known Issues: Number of reported known issues. Click to open the Known Issues tab on the Bulletin Information.
  • Unpatched Devices: Number of devices that do not have the patch installed. Click to open the Unpatched Devices tab on the Bulletin Information.
    The Unpatched Devices column is only available when a connector is added.
  • Bulletin Date: Date of issue.
  • CVE Count: Number of CVEs the bulletin contains.
  • Vendor: Software vendor that has issued the bulletin.
  • Type : the bulletins are categorized to one of the following types:
    • Security: Critical, Important, Moderate, Low, Unassigned
    • Non-Security: Critical, Important, Moderate, Low, Unassigned

Bulletin Information

Select any bulletin in the table to view further details. Such as Vendor Summary, threat score, known issues and products affected.

Filter, sort, and search

You can search, sort, and filter the bulletin database based on a number of attributes.

Related topics

Setting up connectors

Endpoint Manager connector


Was this article useful?