Select the relevant tool: CSPM, CIEM, or CSPA(displayed as links) from the top-right of the dashboard to access the section in CSRM for remediation.

For example, if you select CIEM, then the CIEM tabular listing opens for you to begin the patching activities.

Addressing missing patches by creating remediation tasks is crucial for maintaining the security and stability of IT infrastructure. Saner CSRM provides a wizard-based approach to creating a remediation task for the missing patches.

1. Navigate directly to the Top 10 Missing Patches block in the CSRM dashboard
2. Choose the relevant tool: CSPM, CIEM, or CSPA to see the corresponding missing patches
3. Click the Remediation Id link to initiate the process of creating a remediation task
   The Create Patching Task window opens.

1. From the list of Affected resources, choose the ones you want to remediate
2. Use the checkbox to select or deselect resources as needed
3. Click Next Step to proceed

1. Select the appropriate option to Review or configure the remediation settings for your patching task
2. Once satisfied with the configuration, click Next Step

1. Enter the Task Name and Description in the required fields
2. Use the dropdown to select one of the Remediation schedule:
   • Immediate – To apply the remediation immediately
   • Select Date & Time – To schedule the remediation for a specific time
3. After entering the schedule details, click Next Step

1. Carefully review the patching task settings and configurations
2. Provide your consent by selecting the checkbox that confirms settings have been reviewed and aligned with security and operational requirements
3. Click Create Task to finalize and submit the patching task

1. Once created, the patch remediation task appears in the Remediation Status block on the CSRM (Cloud Security Remediation Management) dashboard
2. Use this section to observe the progress and status(such as Pending Approval, Not Initiated, In Progress, Success, Failed, or Completed) of your patch remediation task

— Pending Approval: The remediation job requires approval before execution. This stage ensures that all necessary stakeholders review the job and its impact before proceeding, reducing the risk of unintended consequences.

— Not Initiated: The remediation job is created but not yet started. This status indicates that prerequisites are not met, or the job is scheduled to start at a later time.

— In Progress: The remediation job is currently being executed. The system is actively applying fixes or patches to address the identified vulnerabilities or issues.

— Success: The remediation job has been completed successfully, and all targeted issues have been resolved as expected. No further action is required for this job.

— Failed: The remediation job did not complete due to errors or issues during execution. This status requires investigation to determine the root cause and potentially retry or escalate the job.

— Completed: status typically indicates that the remediation job has completed While “Completed” may overlap with “Success,” it could also include scenarios where the job ended with partial success or manual interventions.

You encounter the error message during patch task creation, typically when the target resources are invalid or inactive in the system, remediation template is not configured correctly, or schedule details are incorrectly specified.

As a precursory step, go ahead and revisit the previous steps:

• Select Resources: Ensure the target resources are valid and active in the syst
• Rem Template: Verify the selected remediation template is configured correctly
• Schedule Job: Double-check if the scheduling details, such as time, are correctly filled and conflict-free

If the issue still persists, click “Contact Support” in the interface to directly notify SecPod’s support team. Provide them with:

• A detailed description of the steps leading to the error
• Affected resources and templates used
• Logs or screenshots, including this error screen
• Any specific error codes or IDs visible in the logs

Viewing the severity of a missing patch affected by a rule is critical for effective vulnerability management and prioritization. By viewing the severity of missing patches in Saner CSRM, you can prioritize the application of critical patches that address significant vulnerabilities.

Navigate to the Top 10 Missing Patches block in Saner CSRM dashboard that displays the most critical patches yet to be applied

In the search box, key in the Rule number(for example, 2023-0038) and press the enter key.

In the results view, check the Severity column that indicates if the patch is of High, Medium, or Low severity.
You can also review the Affected Rules section, which lists the rules impacted by the missing patch.

Apart from the severity, the detailed view also provides insight into:

Affected Services: services impacted by the missing patch

Regions: geographic locations that comprise of affected resources

Resource Count: number of resources affected by the rule

1. Navigate to the Top 10 Missing Patches block on your dashboard
2. In the Search Box, key in the Rule Number you want to locate
3. The system filters and displays the patches relevant to the entered rule number

Look for the patch details related to your rule. The grid view displays information that includes Remediation ID, Title, Affected Rules, Region, and Severity.

Click on the value within the Region column to see the regions for which the rule applies. To take further action, click on the Remediation ID link. This allows you to:

1. View the detailed patch information
2. Create a Remediation or Patch Task to address the missing patch for the rule

Monitoring the status of remediation jobs ensures that patches are applied as intended and that remediation tasks are completed successfully. Saner CSRM enables proactively tracking job statuses —such as ongoing, partial, successful, or failed — teams can quickly identify and resolve issues like failed deployments, misconfigurations in the patching process, connectivity problems, or other errors. Overall, this process enhances the organization’s security posture by prioritizing critical patches.

You can choose to view the overall status of the remediation job using one of the options:

Option 1: From the “Top 10 Missing Patches” Block

Option 2: From the “Remediation Status” Block

Look directly into the Overall Status column within the Remediation Status block to gain insight into the status of the remediation job across tools: CIEM, CSPM, CSPA.

Saner Cloud offers built-in rules that assist in fixing misconfigurations promptly after they are detected. When the system is set up for automated remediation, the rule engine activates and manages the entire patch remediation process—from scanning to deployment—automatically.

The ability to schedule patches on a daily, weekly, or monthly basis eliminates the need for manual intervention, allowing for effortless completion of patch remediation tasks.

Additionally, you can modify the automation rules at any time, pause or resume them as needed, or remove the existing rule and create a new configuration from scratch.

From the top-right of Saner CSRM Dashboard page, choose the relevant tool — CSRM, CSPM, CIEM for which you to configure the automation remediation.

For explanation purpose, CSPM is taken as an example.

Click the Automation link on the top-right of the page.

Select the Remediation ID from the CSPM Automation page and click the Create Automation Rule button. The Create Automation Task window opens.

Within the Create Automation Task window, review the remediation settings for the id you selected. Make changes if any and proceed to the next step.

From the Create Automation Task window, click Next Step and proceed to provide the Name and Description for your automation task.

Setting up the automated patching, ensures that the remediation takes at scheduled intervals.

You can set up the scan to run on a daily or recurring basis and also alternate between weekly or monthly intervals.

Here’s a breakdown of how often the remediation takes place:

1. After Scan: Determines that the remediation takes place after every scan
2. Daily: The remediation takes place every day at the same time you specify
3. Weekly: The sync runs for the specified week, day(s) at the same time
4. Monthly: The sync takes place once a month, on the specified week(s), day(s), and time

From the Task Controls panel, click the Patching Notification button. The Job Summary Notification panel gets enabled for you to provide the recipient email ids.

After providing all the configuration details to setup the remediation automation, go ahead and click the Create Automation button.

A time-based line plot shows the correlation between the number of pending patches and their age in days, helping teams address older, high-risk vulnerabilities first.

From the Saner CSRM dashboard, navigate straight to the Patching Aging block for further analysis.

The “Patch Aging” chart visually represents the duration during which patches remain unapplied in an IT environment. It illustrates the relationship between the number of pending patches and the number of days they have been outstanding.

This chart assists organizations in tracking and managing their patch deployment timelines. An upward trend indicates delays in patch deployment, which increases the organization’s exposure to vulnerabilities over an extended period. The creative visual employs characters or icons along the timeline to depict different stages of patch aging, including growth, decline, and subsequent resurgence.