Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Platform Function Guides
    • Saner Device Management User Guide
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to create a new user in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in SanerNow?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall SanerNow Agent using SanerNow Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy SanerNow Agent using SanerNow Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in SanerNow?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • FAQs
    • Saner CVEM Technical FAQs
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Saner Cloud Deployment Guides
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Protected: Onboarding with AWS Credentials(Least Recommended Method)
      • Protected: Onboarding with AWS Role(Manual)
      • Protected: Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
  • Learn About
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Saner Plasma AI Assistant for Seamless User Interaction
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • User Guides
    • Cloud Security Remediation Management(CSRM) User Guide
    • Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Tell Me How
    • Protected: How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Troubleshoot or Analyze with Critical Activity Logs?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Patch Remediation from CIEM Dashboard?
    • CSRM
      • Protected: How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
  • Frequently Asked Questions
    • Saner Cloud Technical FAQs
  • Saner Cloud Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Security Intelligence for Saner Cloud
    • Infrastructure Entitlement Checks in AWS and Azure
      • Implementing Infrastructure Entitlement Checks in Azure
      • Implementing Infrastructure Entitlement Checks in AWS
    • Posture Anomaly Checks in AWS and Azure
      • Implementing Posture Anomaly Checks in AWS
      • Implementing Posture Anomaly Checks in Azure
    • Benchmark Compliance Rules in AWS and Azure
      • Implementing Benchmark Compliance Rules in Azure
      • Implementing PCI DSS 3 2 1 Regional in AWS
      • Implementing CIS 3 0 0 in AWS
      • Implementing HIPAA HITRUST Rules
      • Implementing PCI DSS 3 2 1 Global Rules in AWS
      • Implementing NIST 800 53 rev 5 Global Rules in AWS
      • Implementing SecPod Global Rules in AWS
      • Implementing CIS 3 0 0 Regional in AWS
      • Implementing CIS 4 0 0 Regional
      • Implementing SOC 2 in AWS
      • Implementing CIS 4 0 0 in AWS
      • Implementing NIST 800 53 rev 5 Rules in AWS
      • Implementing SecPod Regional Rules in AWS
      • Implementing SecPod Default Rules in AWS
      • Implementing NIST 800 53 rev 5 Regional in AWS
      • Implementing PCI DSS 3 2 1 in AWS
      • Implementing CIS 4 0 0 Global in AWS
      • Implementing CIS 3 0 0 Global Rules in AWS
      • Implementing SOC 2 Global Rules in AWS
      • Implementing SOC 2 Regional Rules in AWS

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner CVEM Guide
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to align with NIST 800-53 security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with PCI security compliance management?
      • How to custom create a security policy?
      • How to run a compliance scan?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to specify Service Level Agreement (SLA) using Remediation SLA in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to investigate DNS cache on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to collect all software licenses in Windows systems?
      • How to collect environment variables set in all operating systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect all software licenses in Mac systems?
      • How to collect DNS information on Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to delete and quarantine a file?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Windows systems?
      • How to perform system tuning?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to check wireless security in Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to collect all the important missing patches in Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check password policy set in Windows systems?
      • How to collect all security events from Windows Events Log?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence

  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • OVAL Definitions Family-wise Distribution
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Platform Coverage
View Categories
  • Home
  • Docs
  • Saner CVEM
  • Saner CVEM Products
  • Saner CVEM Compliance Management User Guide

Saner CVEM Compliance Management User Guide

Print Friendly, PDF & Email

Compliance management is the ongoing process of monitoring and assessing systems to comply with the industry and security standards and regulatory policies. Saner Compliance Management will help identify systems that are non-compliant and missing patches with the help of compliance management. It provides regular proactive system scans and automates remediation actions and customizable results. Saner CM includes regulatory compliance templates for PCI, HIPAA, ISO 27001, NIST 800-53, and NIST 800-171. Compliance profiles can be created and customized to suit an organization’s needs. Once the profile is deployed, Saner CM monitors the organization’s assets for deviations from the profile and helps fix deviations. Saner CM performs daily checks to detect configuration discrepancies that can be manually or automatically fixed.

Saner CM supports three aspects of compliance:

  • Default Compliance – Each operating system will have individual rules by default. Saner CM sets the values for this.
  • Generic Compliance – Generic compliance is designed to correspond to the different operating systems and security settings such as Account Lockout Policy, Administrative Templates, Authentication Types, etc.
  • Regulatory Compliance defines standards, such as the PCI, HIPAA, and NIST standards.

Organizations must be aware of and take steps to meet relevant laws and regulations.

To access the Compliance Management tool:

  1. Log in to Saner Prevent platform using your credentials.
  2. Suppose an account already exists and the Saner Agent has been deployed on the endpoints; the organization level dashboard is displayed.
  • To select an account, click the drop-down box on the top left corner of the dashboard. The Organizations and the Accounts belonging to the Organization are listed.
  • Click the Saner tools icon on the header. It will display all the provision tools, as shown below.
  • Click the Compliance Management (CM) icon.

Rule Compliance

This pane shows the organization’s compliance posture and highlights the percentage of non-compliant devices based on the rules.

Device Compliance

This page shows the percentage of compliant and non-compliant devices.

Click on the More Info arrow to view compliance details by groups or unassigned devices, by the top non-compliant hosts, top misconfigurations, or greatest non-compliant assets. You can download the device compliance information by clicking on the CSV icon.

Group Compliance

This pane shows the distribution of deviations based on the group. You can download the excel sheet of group compliance information by clicking on the CSV icon.

Benchmarks

This page shows the list of benchmarks, the groups to which the benchmark is assigned, and the compliance statistics. You will get a list of rules associated with that benchmark with detailed information on expanding each benchmark. You can download the excel sheet of benchmark details by clicking on the CSV icon. You can also get the CSV file for each benchmark with a detailed list of rules available in that benchmark.

Click on the Expand icon, which will redirect to the Benchmarks page. You can see a list of benchmarks. Click on the edit icon to apply the benchmark to different groups or delete the benchmark. The CSV icon is available to download the excel sheet with benchmark details. You can create a new benchmark from this page.

To create a new benchmark:

  1. Click the expand icon on the Benchmarks pane and click on the Create New Benchmark button. The Create Benchmark page is displayed, as shown in the below image.
  • Select the compliance template as per your requirement.
  • Click Select.
  • Once the template is selected, click Verify.

  • Verify the rules in the selected compliance template. Click Save.

Click Next

  • Specify the Scope. Select the groups you want the compliance template to be applied to.
  • Click Next.
  • Provide a name for the benchmark and a description. Click Save.

Mis-Configured Devices

This page shows the list of devices with missing configuration details. You can apply the filters to get a specific list of devices. You can filter the devices – by the Groups, Operating System, Family, Severity, and device status. You can search the devices by the Hostname, Operating System, and Group name. Click on the CSV icon to download the excel file with detailed device information.

Mis-Configurations

This pane shows the misconfigurations where risk scoring is based on Common Configuration Scoring System(CCSS). Each CCE score is computed based on the CCSS algorithm and categorized as Critical, High, Medium, and Low. You will get the CCE ID, Title, Severity percentage of the missing configuration, number of hosts affected, and the detected date. You can apply the Group, Family, and Severity filter options to get the list of assets with misconfiguration details. You can search the misconfigurations by the CCE ID, Title, and Asset name. Click on the CSV icon to download the excel file of mis-configuration information. Click on the information (i) icon to get the fixed information.

Top Deviant Assets

This pane shows top deviant assets with the number of non-compliant devices and affected hosts. Click on the CSV icon to download the list of top deviant assets.

Top Remediation Recommendation

This pane shows the top recommended remediation actions with detailed information. You will get the remediation id, asset name, patch id, CCE ID, affected hosts, and the remediation information. You can download the excel file with the list of top remediation recommendations by clicking on the CSV icon.

Fix Misconfigurations

This page shows assets that require an update or patch, the level of risk, the hosts that need the update or patch, and other related details. This pane shows the level of risk due to the missing patch, the size, date, vendor who publishes the patch, whether a reboot will be required to apply the patch, and the number of affected hosts. Search and filter options are available to view specific assets. You can download an excel sheet of misconfigurations details by clicking the CSV icon.

Click on the down arrow on the Patch and Rollback column to expand the list of patches and rules.

To install configuration changes:

  • Select the patches you want to install. Click on the Apply Selected Configurations button at the top right corner of the missing configuration page. The Create Patching Task dialog is displayed in the below image.
  • Specify a task name, and provide patching notification messages for end users.
  • Select the options to backup remediation scripts before or after the remediation action – Pre-script and Post-script
  • Test the patches using the Test and Deploy option instead of deploying patches on the actual environment. Use this testing environment to test and deploy patches.
  • Schedule the job immediately or after a scheduled scan and set the time counter accordingly in the test schedule fields. You can also choose to set the job to execute on a different date.
  • Click on the Next button. Specify the details in the Deployment Criteria section. Click on the Test and Deploy Selected Configurations button.

You will get a confirmation message that you created the job successfully.

Rollback

Click on the Rollback option at the top of the CM page. It will list the installed patches for each device and asset.

  • Select the assets you want to rollback patching and click the Revert Selected Patches button.

The Create Rollback Task dialog is displayed.

  • Specify a job name and select rollback schedule from the drop-down menu.
  • Specify whether you want the job done immediately or after a scan and set the time counter accordingly. You can also choose to set the job to execute on a different date.
  • Provide the rollback notification message to display when the task is completed.
  • Click on the Revert Selected Patches button after specifying the details.

Automation

To install missing configuration patches using an automated task, click on the Automation button at the top of the CM page. The Automation page will display the list of non-compliant assets.

Select an asset you want to remediate non-compliant assets automatically and click on the Create Automation Rule button to schedule a task. Schedule a Task dialog is displayed as shown in the below image.

Select patches based on severity and click on the Next button.

Specify how often you need to run a scan and select the option to reboot. Choose to set the task to execute on a different date, either weekly, monthly, or daily. If weekly, specify the days and time. If monthly, specify the dates and time. Select scripts to run while rebooting, specify the task name and provide the patching notification message to display after completing the activity. You can also select groups to apply the rule settings. Click on the Create Automation Rule button.

Status

Users can rollback patches, remove devices, and reboot devices from the Status page. Select a device and click on the Rollback patches button to apply patches to the device.

To remove a job applied for the device, select a device, and click on the Remove Device button. Select a device from the device list and click on the Reboot Device button. Specify the task name, reboot message, and select schedule options as immediate or custom date. After filling in the details, click on the Reboot button. A reboot task will be applied to the device.

Setting Alerts for Compliance Issues

The Alerts feature sends a notification to the specified email on compliance issues. This setting must be configured before the first scheduled scan.

To set alerts for compliance issues

  1. Click on the Alerts option on the left pane.
  2. Turn on Subscription Status to enable compliance alerts.
  3. Specify an email address to which the alerts will be sent.
  4. You can have alerts sent for all compliance issues or custom conditions based on CCEs.
  5. Click on the Update button.

Compliance Reporting

After the scheduled scan, the agent uploads the configuration compliance report. The Compliance Report displays the configuration issues and impacted hosts and assets. It provides compliance details based on the device groups and specific devices. It also includes non-compliant instances for each asset and a description of each non-compliant rule.

We recommend generating a compliance report before and after remediation actions to compare the status of the compliant devices and understand your organization’s compliance level. Users can customize the reports based on the requirements.

To generate a compliance report.

  • Click on the Reports > Saved Report > Compliance Report.

To export the report to a PDF.

  • Click on the download icon to download the PDF report.

To export the report and send it via email:

  • Click on the Mail icon in the saved report section to email the report.
  • Specify the email addresses.

To Back Up Reports

The backup settings under Reports allow IT, administrators, to maintain a compliance history. The backup time should be scheduled. The backup report can be scheduled to run automatically daily or weekly.

To Back Up Reports

To configure backup settings for reports:

  • Click Reports on the left pane.
  • Click on Saved Reports and select the Compliance Report option.
  • Select the Settings option beside the Asset Report.
  • Report Settings (Compliance Report) pop-up will be displayed below.
  • Click the Omit filter statement in the exported report check box, and users can set the on/off button whether they want to back up the report.
  • If a backup is on, select the weekly or daily option to back up the reports.
  • Set a number in the Keep only the latest entry box. The report for the specified number of days is archived. If the number is three and the backup option is daily, then the reports from the last three days are maintained. Older files are deleted. You can maintain backups for a maximum of 30 days.
  • Specify Email ID address.
  • Select the organization and accounts you want to apply these settings.
  • Click on the Save button.
Share This Article :
  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

Saner CVEM Vulnerability Management User GuideSaner CVEM Risk Prioritization User Guide
Table of Contents
  • Rule Compliance
  • Device Compliance
  • Group Compliance
  • Benchmarks
  • Mis-Configured Devices
  • Mis-Configurations
  • Top Deviant Assets
  • Top Remediation Recommendation
  • Fix Misconfigurations
  • Rollback
  • Automation
  • Status
  • Setting Alerts for Compliance Issues
  • Compliance Reporting
    • To Back Up Reports
Copyright 2025 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.3.x