- Knowledge base
- Product news
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
2024-12-10: Improved naming convention for vulnerabilities using Device Agent
Improved naming convention for vulnerabilities
With the recently released Microsoft patch-related vulnerability support in our Device Agent, we have standardized the naming of vulnerabilities related to Microsoft patches across devices, networks, and host systems. This unified approach simplifies identification and remediation efforts, making your vulnerability management more efficient and effective.
Examples
Here are some examples:
- A single CVE vulnerability will contain the full vulnerability name:
Visual Studio Remote Code Execution Vulnerability (KB5029365) - Multiple CVEs will include vendor and product, including month and year:
Microsoft Windows Multiple Vulnerabilities (KB5044293) (October 2024)
Want to get started with Device Agent for Windows?
Reach out to your main contact or send an email to sales@holmsecurity.com.
Expanded threat intelligence for exploited vulnerabilities
We are pleased to announce our new integration with VulnCheck, providing an additional source of information on vulnerabilities with known exploits. This enhancement enriches your vulnerability data, enabling more accurate risk assessments and prioritization of remediation efforts.
This gives a total of 30 integrated sources for threat intelligence related to exploits and ransomware.
Read more about VulnCheck & our exploit intelligence sources
What is the Vulncheck Known Exploited Vulnerabilities (KEV) list?
Enhancements
- All reports have received a facelift with a new design on the cover page.
- The state “Closed (fixed)” on vulnerabilities is now referred to as “Fixed.”
- Vulnerabilities with multiple CVEs are now easier to open from the unified views.
- Improved validation of tags for certain cases when scanning a network or host.
- Improved performance when selecting tags in several selection lists.
- Performance improvements for tags assignment for assets.
- Re-saved account settings being overridden have been addressed.
- An issue with generating the OWASP Top 10 report for web application scanning has been addressed.
- Policy scans now allow authentication using both private keys and username/password.