Patches: Overview

High-level overview of the Patches page in RiskSense.

The Patches page allows users to quickly and easily view patches and fixes that provide the most impactful results for your environment. The page shows a list of fixes that affect vulnerabilities across the environment and shows the potential RS³ gain for completing the project. The view also shows the total number of hosts impacted by the vulnerabilities in clickable views, making it easy to see exactly what assets are affected.

NOTE:  The total number of assets on this page represents a view of the total assets impacted across the account. When clicking on the asset number, you will then see the assets that you specifically can access.

To get started, navigate to the Manage > Patches page.

Navigation - Manage - Patches

The Patches page displays a helpful layout of all patches related to vulnerabilities across your environment.

patches page

  1. All Patches: This box shows all patches across all vulnerabilities, the number of assets attributed to these findings' patches, and threats associated with the patches. Clicking the numbers takes you to a Findings view specifically for those data sets.
  2. Patches For Vulnerabilities with Threat: A more specific breakdown of the patch associations and fix potential. This box focuses on patches that will fix “threat” type vulnerabilities.
  3. Patches For Vulnerabilities with RCE/PE: A more specific breakdown of the patch associations and fix potential. This box focuses on the patches that will fix the “RCE/PE” type vulnerabilities.
  4. Patches For Trending Vulnerabilities: A more specific breakdown of the patch associations and fix potential. This box focuses on patches that will fix “trending” type vulnerabilities.
  5. Patch Title: Patch name/title suggested by RiskSense as a fix.
  6. Patch Severity: Severity of the vulnerability the patch addresses.
  7. Assets Affected: The number of assets throughout the account that are affected by the vulnerability. This is clickable and will take you to the assets you can access through your permissions (e.g., if the # of assets affected says 50 but you only see 11 when you click it, you only have access to 11 of those 50 assets through the groups you can access/view).
  8. # of Findings/Plugins Fixed by the Patch: The number of findings and plugins throughout the account that are affected by the vulnerability.  This is clickable and will take you to the findings/plugins that you can access through your permissions (e.g., if the # of assets affected says 50 but you only see 11 when you click it, you only have access to 11 of those 50 assets through the groups you can access/view).
  9. # of Vulns Addressed by Patch: The number of vulnerabilities addressed by the patch across the entire account. Clicking on the number, you will see the vulnerabilities that you have access to through your personal group permissions.
  10. # of Threats Addressed by Patch: The number of threats (malware+exploits) that could be fixed by applying the listed patch.
  11. # of Manual Findings Addressed by the Patch: The number of manual findings addressed by applying the listed patch.
  12. # of RCE/PEs Addressed by the Patch: The number of RCE/PEs addressed by applying the listed patch.
  13. Filters: Use the page's filters to sort the patches in a variety of ways.