Skip to content
SecPod  – Documentation
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
Search this website
Menu Close
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO
  • Toggle website search
  • Docs Home
  • Categories
    • Saner Platform
    • Saner Cloud
    • Saner CVEM
    • Security Intelligence
  • More
    • About SecPod
    • Blog
    • Security & Privacy
    • Support Center
    • Resources
  • SCHEDULE A DEMO

Saner Platform

  • Saner Platform Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner Platform Guide
    • Saner Platform Function Guides
    • Saner Device Management User Guide
  • FAQs
    • Saner CVEM Technical FAQs
  • How Tos
    • General
      • How to increase the subscription count for an Account in Saner CVEM
      • How to increment license count for an Organization in Saner CVEM
      • How to provision Saner tools for an Organization
      • How to change subscription type in Saner CVEM
      • How to sign-up with Saner CVEM?
      • How to create a new account in Saner CVEM?
      • How to create a new user in Saner CVEM?
      • How to enable SSO authentication policy in Saner CVEM?
      • How to set alerts in SanerNow?
      • How to view, download and filter the audit logs?
      • How to designate Saner Agent to perform network scan?
      • How to Co-Brand with your logo?
      • How to fetch the details of the mandatory fields from the Okta account?
      • How to create MFA policy for Okta?
      • How to fetch the details of the mandatory fields from the PingID account?
      • How to create MFA policy for PingID?
      • How to fetch the details of the mandatory fields from the PingOne account?
      • How to create MFA policy for PingOne?
      • How to download and install Saner Agent in Mac?
      • How to download and install Saner agent in Linux?
      • How to download and install the Saner agent in Windows?
      • How to update the expiry date of an existing subscription?
      • How to manage users and their preferences using role-based access?
      • How to uninstall SanerNow Agent using SanerNow Offline deployer tool.
      • How to onboard a new organization?
      • How to deploy SanerNow Agent using SanerNow Offline deployer tool.
      • How to install a Saner agent through the command line?
      • How to uninstall the Saner agent through command line?
    • Saner Reports
      • How to configure mail settings to email Report PDF?
      • How to create a custom report in SanerNow?
      • How to schedule for the report back up?
    • Saner Device Management
      • How to create custom groups in Saner CVEM
    • Saner Mail Settings
      • How to create new mail settings in Saner?
      • How to use OAuth-enabled authentication in Saner mail settings
      • How to create OAuth Client ID and Client Secret for Gmail
      • How to create OAuth Client ID and Client Secret for Microsoft 365.
  • Supported OSs and Platforms
    • Operating Systems and Platforms Supported
    • Supported Third-party Applications for Patching

Saner Cloud

  • Before You Begin
    • Glossary of Terms
    • Read me First
  • Get Started
    • Saner Cloud Deployment Guides
      • Azure Onboarding
      • Troubleshooting
      • Get Started with Saner CNAPP AWS Cloud Deployment V1.0
      • Onboarding with AWS Credentials(Least Recommended Method)
      • Onboarding with AWS Role(Manual)
      • Onboarding with AWS Role CloudFormation (Automatic): Recommended
    • Roles and Permissions
      • Roles and Permissions for AWS Remediation Access
      • Roles and Permissions for Azure Onboarding, Detection, and Remediation
  • Learn About
    • Excessive Permission Categories Evaluated Across Different Cloud Services
    • Publicly Accessible Resources
    • Patch Aging and Patch Impact
    • SecPod Default Benchmarks
    • Watchlists
    • Cloud Workload Protection Platform(CWPP)
    • Overview of Report Views in Saner Cloud
    • Whitelisting Resources
    • Saner Plasma AI Assistant for Seamless User Interaction
    • Critical Events to Monitor in AWS
    • High-Privilege Actions in Critical Activity Logs for AWS
    • Audit Logs in Saner Cloud
    • Excessive Permissions
    • Alerts in SanerCloud
  • User Guides
    • Cloud Security Remediation Management(CSRM) User Guide
    • Cloud Infrastructure Entitlement Management(CIEM) User Guide
    • Cloud Security Posture Anomaly(CSPA) User Guide
    • Cloud Security Asset Exposure(CSAE) User Guide
    • Cloud Security Posture Management(CSPM) User Guide
  • Tell Me How
    • How to Configure Automation Rule to Remediate Misconfigurations?
    • How to Manage Report Views at Organization-level in Saner Cloud?
    • How to Get a Cohesive View from Saner Cloud Unified Dashboard?
    • How to Use Tags to Quickly Filter Resources?
    • How to Troubleshoot Issues with Audit Logs?
    • How to Manage Groups and Tags in Saner Cloud?
    • How to Manage Report Views for a User Account in Saner Cloud?
    • How to Troubleshoot or Analyze with Critical Activity Logs?
    • How to Setup Alerts Across SanerCloud Tools?
    • How to Take Action on Alert Notifications from SanerCloud?
    • CSAE
      • How to Setup Watchlist Configuration for a Resource?
      • How to Identify Outdated Resources for Cleanup?
      • How does Resource Categorization Work in Saner CSAE?
      • How to Identify Resources Exposed to External Network?
      • How to Understand the Resource Footprint Globally Across Various Regions?
      • How to Make Informed Decisions on Your Expenditure based on Resource Usage Graph?
    • CSPM
      • How to Setup Benchmarks in Saner CSPM?
      • How to Use Quick Evaluation Benchmarks?
      • How to Detect Patterns over a Period with Resource Trends?
      • How to Assess System Compliance and Security Posture?
    • CSPA
      • How to Initiate Patch Remediation from CSPA Dashboard?
      • How to Quickly Identify the Detected and Remediated Anomalies for an Account?
      • How to Prioritize Remediation or Fixes based on Confidence Levels?
      • How to Examine the Overall Anomaly Information for Specific Rules or Checks?
      • How to Search and Retrieve Anomaly Data?
      • How to Whitelist Rules or Resources in Cloud Security Scans?
    • CIEM
      • How to See the Active Version for an IAM Policy?
      • How to Troubleshoot or Analyze with Critical Activity Logs?
      • How to View by Type and Usage for any Identity in CIEM?
      • How to Get Visibility into Cloud Entitlements?
      • How to Use Evidence to Address Policies with Excessive Permission?
      • How to Know the Excessive Permissions on a Specific Service?
      • How to Visually See the Relationship between Identity, Entitlement, Policy, or Permission?
      • How to Determine if a Policy has Excessive Permission?
      • How to Initiate Patch Remediation from CIEM Dashboard?
    • CSRM
      • How to Configure Automation Rule to Remediate Misconfigurations?
      • How to Create a Patching Task for Items Currently in “Approval Pending” State?
      • How to Evaluate Remediation Effort with Patching Impact Chart?
      • How to Prioritize and Address Older or High-Risk Anomalies with Patch Aging?
      • How to Monitor the Overall Status of the Remediation Job?
      • How do I Get to Know the Regions Impacted by a Specific Rule?
      • How to View the Severity of a Missing Patch Affected by a Rule?
      • How to Address Missing Patches Via Remediation Tasks?
      • How to Quickly Access the Necessary Tool for Remediation and Begin Patching Tasks?
  • Frequently Asked Questions
    • Saner Cloud Technical FAQs
  • Saner Cloud Release Notes
    • Saner Cloud – V.1.1 Release Notes
    • Saner Cloud – V.1.0 Release Notes
  • Security Intelligence for Saner Cloud
    • Infrastructure Entitlement Checks in AWS and Azure
      • Implementing Infrastructure Entitlement Checks in Azure
      • Implementing Infrastructure Entitlement Checks in AWS
    • Posture Anomaly Checks in AWS and Azure
      • Implementing Posture Anomaly Checks in AWS
      • Implementing Posture Anomaly Checks in Azure
    • Benchmark Compliance Rules in AWS and Azure
      • AWS
        • Implementing SecPod Default Rules in AWS
          • Implementing SecPod Global Rules in AWS
          • Implementing SecPod Regional Rules in AWS
        • PCI DSS 3.2.1 Rules in AWS
          • Understand SOC2 Regional Rules in Azure
          • Introduction
          • Understand PCI DSS 3.2.1 Global Rules in AWS
          • Understand PCI DSS 3.2. 1 Regional in AWS
        • CIS 3.0.0 and 4.0.0 Rules in AWS
          • Introduction
          • Understand CIS 3.0.0 Global Rules in AWS
          • Understand CIS 4.0.0 Global Rules in AWS
          • Understand CIS 3.0.0 Regional Rules in AWS
          • Understand CIS 4.0.0 Regional Rules in AWS
        • SOC
          • Implementing SOC 2 Regional Rules in AWS
          • Implementing SOC 2 Global Rules in AWS
        • Implementing HIPAA HITRUST Rules
          • Implementing HIPAA HITRUST Global Rules in AWS
          • Implementing HIPAA HITRRUST Regional Rules in AWS
        • NIST 800-53 Revision 5 Rules in AWS
          • Introduction
          • Understand NIST 800-53 revision 5 Global Rules in AWS
          • Understand NIST 800-53 revision 5 Regional Rules in AWS
      • Azure
        • CIS Rules in Azure
          • Understand CIS 1.1.0 Benchmark Compliance Rules in Azure
          • Understand CIS 3.0.0 Benchmark Compliance Rules in Azure
          • Understand CIS 1.2.0 Global Benchmark Compliance Rules in Azure
          • Understand CIS 2.1.0 Global Benchmark Compliance Rules in Azure
          • Understand CIS 3.0.0 Global Benchmark Compliance Rules in Azure
          • Understand CIS 2.0.0 Regional Benchmark Compliance Rules in Azure
          • Understand CIS 2.1.0 Regional Benchmark Compliance Rules in Azure
          • Understand CIS 3.0.0 Regional Benchmark Compliance Rules in Azure
        • NIST 800-53 Revision Rules in Azure
          • Understand NIST 800-53 Revision 5 Rules in Azure
          • Understand NIST 800-53 Revision 5 Global Rules in Azure
          • Understand NIST 800-53 Revision 5 Regional Rules in Azure
        • SecPod Rules in Azure
          • Understand SecPod Global Rules in Azure
          • Understand SecPod Regional Rules in Azure
          • Understand SecPod Default Rules in Azure
        • HIPAA HITRUST Rules in Azure
          • Understand HIPAA HITRUST 14.7.0 Rules in Azure
          • Understand HIPAA HITRUST 14.7.0 Global Rules in Azure
          • Understand HIPAA HITRUST 14.7.0 Regional Rules in Azure
        • PCI DSS Rules in Azure
          • Understand PCI DSS 4.0 Rules in Azure
          • Understand PCI DSS 4.0 Global Rules in Azure
          • Understand PCI DSS 4.0 Regional Rules in Azure
        • SOC Rules in Azure
          • Understand SOC2 Rules in Azure
          • Understand SOC2 Global Rules in Azure
          • Understand SOC2 Regional Rules in Azure

Saner CVEM

  • Saner CVEM Release Notes
    • Release Notes Saner 6.4.1
    • Release Notes SanerNow 6.4
    • Release Notes SanerNow 6.3.1
    • Release Notes SanerNow 6.3
    • Release Notes SanerNow 6.2.1
    • Release Notes SanerNow 6.2.0.3
    • Release Notes SanerNow 6.2.0.1
    • Release Notes SanerNow 6.2
    • Release Notes SanerNow 6.1.1
    • Release Notes SanerNow 6.1
    • SanerNow Risk Prioritization Launch
    • Release Notes SanerNow 6.0
    • Release Notes SanerNow 5.3.1
    • Release Notes SanerNow 5.3
    • Release Notes SanerNow 5.2
    • Release Notes SanerNow 5.1
    • Release Notes SanerNow 5.0
    • Release Notes SanerNow 4.8.0.0
    • Release Notes SanerNow 4.7.0.0
    • Release Notes SanerNow 4.6.0.0
    • Release Notes SanerNow 4.5.0.0
    • Release Notes SanerNow 4.4.0.0
    • Release Notes SanerNow 4.3.0.0
    • Release Notes SanerNow 4.2.2.1
    • Release Notes SanerNow 4.2.2.0
    • Release Notes SanerNow 4.2.1.0
    • Release Notes SanerNow 4.2.0.0
    • Release Notes SanerNow 4.1.1.0
    • Release Notes SanerNow 4.0.0.5
  • Saner CVEM Guide
    • What’s New in Saner CVEM?
    • Getting Started with Saner CVEM
    • Pre-requisites for Saner CVEM Deployment
    • How does Saner CVEM’s deployment architecture work?
  • Saner CVEM Products
    • Overview of Saner Continuous Vulnerability and Exposure Management
    • Saner CVEM Unified Dashboard User Guide
    • Saner CVEM Asset Exposure User Guide
    • Saner CVEM Continuous Posture Anomaly Management User Guide
    • Data Points IT teams can Fetch from Saner CPAM
    • Posture Anomaly Computation Rules
    • Saner CVEM Vulnerability Management User Guide
    • Saner CVEM Compliance Management User Guide
    • Saner CVEM Risk Prioritization User Guide
    • Saner CVEM Patch Management User Guide
    • Saner CVEM Endpoint Management User Guide
    • Saner CVEM Remote Access User Guide
    • Saner CVEM Network Scanner User Guide
    • Saner CVEM Cyber Hygiene Score User Guide
  • How Tos
    • Saner AE
      • How to blacklist and whitelist applications in Saner AE?
      • How to manage asset licenses using Saner AE?
      • How to run an asset scan using Saner AE?
    • Saner CPAM
      • How to create new response in PA tool?
      • How to build your own detection and response in PA tool?
      • How to whitelist an entire PA ID?
      • How to configure Posture Anomaly tool for custom detection?
      • How to fix Anomalies from PA dashboard?
      • How to fix anomalies detected in your account from All Anomalies Page?
      • How to fix anomalies from PA Summary page?
      • How to delete PA scan preferences?
      • How to schedule PA Scans on Daily, Weekly, and Monthly basis?
      • How to launch Posture Anomaly scans?
    • Saner VM
      • How to automate and schedule vulnerability scans?
      • How to exclude vulnerabilities in Saner VM tool
      • How to manage excluded vulnerabilities in Saner VM?
      • How to remediate vulnerabilities from vulnerability management dashboard?
    • Saner CM
      • How to run a compliance scan?
      • How to custom create a security policy?
      • How to align with PCI security compliance management?
      • How to align with NIST 800-171 security compliance management?
      • How to align with NIST 800-53 security compliance management?
      • How to align with HIPAA security compliance management using Saner CM?
    • Saner PM
      • How to fix firmware in Saner?
      • How to exclude patches in Saner PM?
      • How to manage excluded patches in Saner PM?
      • How to automate patch management in Saner PM?
      • How to roll back patches in Saner PM?
      • How to specify Service Level Agreement (SLA) using Remediation SLA in Saner PM?
      • How to apply missing patches in Saner PM?
      • How to apply the most critical patches in Saner PM?
      • How to perform custom remediation for applications that require paid patches using Saner PM
      • How to check the status of patching activity?
    • Saner EM
      • How to collect all security events from Windows Events Log?
      • How to check password policy set in Windows systems?
      • How to check status of DEP in Windows systems?
      • How to check faulty Anti-Virus (AV) status in Windows systems?
      • How to check for Anti-Virus (AV) status in Windows systems?
      • How to check account lockout policy on Windows systems?
      • How to check if Bit-locker protection is OFF in Windows systems?
      • How to list all inactive users on Windows systems?
      • How to list all guest accounts in Windows systems?
      • How to list all Administrator accounts on Windows systems?
      • How to list last-logon details of users on Windows systems?
      • How to identify all users in Windows systems?
      • How to collect all services that are currently running in Windows systems?
      • How to list all Groups in Windows systems?
      • How to collect all keyboard and pointing devices connected to Windows systems?
      • How to collect all storage devices connected to Windows systems?
      • How to investigate total RAM or CPU threshold (greater than or equal to 80%) in Windows systems?
      • How to collect operating systems information in Windows?
      • How to investigate disks running out of space (<100 MB) in Windows systems?
      • How to collect and investigate disk information on Windows systems?
      • How to collect all installed patches in Windows systems?
      • How to collect all software patches that are hidden in the Windows Update server?
      • How to check the status of Windows Update Server (WSUS/SCCM)?
      • How to collect BIOS information such as serial number, version, manufacturer in Windows systems?
      • How to collect all the important missing patches in Windows systems?
      • How to check wireless security in Linux systems?
      • How to collect mounted disk information on Linux systems?
      • How to check wireless signal quality in Linux systems?
      • How to check all firewall policies on Linux systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Linux systems?
      • How to collect DNS information on Linux systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing in Linux?
      • How to check wireless signal quality in Windows systems?
      • How to check wireless security in Windows systems?
      • How to collect all open ports in Windows systems?
      • How to collect all network interfaces in Windows systems?
      • How to investigate DNS cache on Windows systems?
      • How to check all firewall policies on Windows systems?
      • How to collect DNS information on Windows systems?
      • How to collect all the applications with an unknown publisher in Linux systems?
      • How to perform system tuning?
      • How to collect all software licenses in Windows systems?
      • How to identify potentially unwanted programs such as torrent downloaders or unnecessary toolbars running on Windows systems?
      • How to collect a list of applications that are started when you boot your computer?
      • How to collect all the applications with an unknown publisher in Windows systems?
      • How to collect all software licenses in Mac systems?
      • How to collect ARP entries that are created when a hostname is resolved to an IP address and then to a MAC addressing Windows?
      • How to collect all families of operating systems such as Windows, Unix, and macOS?
      • How to collect environment variables set in all operating systems?
      • How to collect all the applications with an unknown publisher in Mac systems?
      • How to delete and quarantine a file?
      • How to start and stop the processes in Saner?
      • How to block blacklisted applications in Saner?
      • How to enable/disable devices in Saner
      • How to manually import devices into Saner?
      • How to deploy software in Saner EM?
      • How to enable and disable firewall settings in Saner AE?
      • How to collect all shared resources on Windows systems?
      • How to collect all Dynamic Host Configuration Protocol (DHCP) information on Windows systems?
      • How to connect to a client machine graphically using Saner Remote Access
  • FAQs
    • Saner CVEM Technical FAQs

Security Intelligence

  • Network Scanner Product Support Matrix
  • Privilege levels for authenticated scans using Saner Network Scanner
  • Overview of Security Content and Intelligence
  • Security Content Statistics
  • Application and OS Remediation Coverage
  • Compliance Benchmark Coverage
  • List of Vulnerability to Exploit/Malware Mapping covered in Saner
  • OVAL Definitions Family-wise Distribution
  • OVAL Definitions Class-wise Distribution
  • OVAL Definitions Platform Coverage
View Categories
  • Home
  • Docs
  • Saner CVEM
  • FAQs
  • Saner CVEM Technical FAQs

Saner CVEM Technical FAQs

Print Friendly, PDF & Email

How to get started with SanerNow?

Sign up at https://sanernow.com// and choose the tools you need. To establish accounts and deploy on agents, go to “Open Console.” You should be able to set up one thousand devices and view their statistics within just 10 minutes.

What measures can we take to secure our account?

SanerNow supports PingOne MFA and Google Authenticator MFA to enable extra secure access to your account. SanerNow presently supports SMS, Email, and the Authenticator app as PingOne MFA authentication methods.

How is my data secured?

Your information is stored confidential. Data integrity and request or response verification are ensured in various ways. Our expert team guarantees that the platform undergoes many layers of security checks. These teams are up to speed on the most recent cyberattacks and threats, and they help define checks for products like OpenVAS. We keep your information safe.

What is the average size of content downloaded or network utilization by agents from your server during the scan?

On Windows Machines, an active agent may download an average of 4MB of data (only when the material requires an update/if modified). However, this varies based on identifying vulnerabilities and configuration issues. Our signatures are released every two to three weeks. We’ve designed ways to speed up the download of content.

How are system resources utilized, or how is the CPU performance during the scan?

In low mode scan, the CPU use averages 20-30%. While scans go quickly and conclude in minutes while running at full throttle, the CPU averages 50-80 percent for a few seconds before dropping to 20-30 percent. Saner service priorities are common, and operating systems handle them efficiently. It won’t get in the way of your activities.

What settings may be required to optimize the network during remediation/patching?

Set up a local patch server or a WSUS server in your organization. Agents are designed to detect WSUS server configurations and retrieve patches from them.

Visit https://support.microsoft.com/en-in/help/328010/how-to-configure-automatic-updates-by-using-group-policy-or-registry-s for more information.

A local HTTP/HTTPS/FTP server can also serve third-party product fixes. Remediate may be found on Control Panel > Deployment> Agent configuration > Create Settings > Remediate.

Select Third-party goods patch server, then Local. A new set of options will appear, prompting you to enter the server URL. For a big setup, contact [email protected] for a Remediation resource feed.

Buffering patches with bandwidth consumption constraints, found under Manage> Create Settings > Remediate, might also aid in the optimization of remediation activities.

How are system resources utilized, or how is the CPU performance during remediation?

During remediation, the CPU average is relatively low. Patches are queued and applied in order. After the remediation operation, or rule, is completed, a scan is done.

Can I configure a period between which remediation should start and end?

Yes. When setting up a remediation job or rule, you can provide a timeline with a start and end date-time. For instance, remediation at a typical organization may finish at 8:00 a.m., when employees begin their workday. If an automatic remediation job is running at 8:00 a.m., it will come to its logical end, and any reboot or sequential tasks will be completed in the next interval. On the other hand, short-term remedial tasks will be completed, and the results uploaded.

After configuring a period between which remediation should start and end, can you change it?

Yes, you can modify the timeframe for remediation automation, which will take effect the next time. Tasks for short-term remediation cannot be modified.

Can I install a customized patch for remediation or install other applications using Saner?

Yes. In Endpoint Management’s Response section, you can perform Software Deployment. All software and updates will be deployed quietly, causing no interruption to end-users. If common options such as /S are not applied, it is recommended to evaluate your installation and offer an appropriate silent option.

Can I install a non-security patch also with Saner?

Yes, you can install a non-security patch with Saner.

What should I do if a remediation patch is not available?

You can opt to block the application and then unblock it later temporarily.

Go to PA > Custom Rules > Build your own Response > Application Block.

How can I remediate commercially licensed products such as Adobe Acrobat or Oracle WebLogic Server?

In Endpoint Management’s Response section, you may perform Software Deployment. Provide a vendor URL for downloading or uploading a patch and a silent option.

Can I find out how long a vulnerability existed in an organization?

Yes. The vulnerability patching graph in the VM dashboard shows how long a vulnerability has been present in an organization since it was discovered on our platform.

What are the following steps to vulnerability detection?

VM provides thorough information on current security vulnerabilities that make endpoints vulnerable to malware threats.

The following steps would be to plan patching activities with PM and ensure endpoint protection software is up to date with EM. Posture Anomaly (PA) will also assist AE in determining whether such vulnerable software assets are employed frequently or sparingly in the case of an ongoing threat.

How can I mitigate vulnerabilities effectively?

To prioritize your patching activities, you can visualize vulnerability mitigation statistics. Because it is vulnerable to malware attacks, an awareness of high-fidelity attacks alerts you about operations that require immediate attention. Vulnerability based on severity scores and other statistics may also help determine the next steps in vulnerability mitigation.

Can I find out how long the patch was available and not applied in an organization?

Yes. When the vendor provided a missing patch, it did not apply to the PM dashboard’s endpoints, as seen in the patch patching graph. Patching Impact and Configuration Impact are useful tools for visualizing remediation consequences.

Remediation and Software Patching is a long and tough activity. What if something goes wrong? Is the rollback option available?

Technical specialists thoroughly test our patches to guarantee correct and timely. The saner agent has evolved as part of the remediation process to ensure rapid patching.

A Rollback function is provided for Windows, Linux, and Mac operating system fixes in any case. There is also a compliance rollback in place. Third-party software cannot be rolled back; however, it may be reinstalled with the previous version. Go to the PM dashboard > left panel > PM > Rollback.

Before deploying remediation, ensure that you’ve verified if a patch can be rolled back since certain vendor patches don’t allow it.

Can I know why particular remediation failed?

Yes. ‘Reason for Failure’ is seen on the PM dashboard. The ‘Job Status summary’ section of the dashboard also allows you to check the status of specific remediation jobs. To learn more about status, click expand.

A patch is available and approved in my WSUS server, but Saner remediation fails. Why?

Each configuration is unique, and some preventative action on your behalf may assist in the resolution of such issues. Check that the system is set up appropriately on your WSUS server (on one of the endpoints). To check if a patch is available, go to Windows Update. Saner should be able to get any appropriate patches that emerge in the system. If this is not the case, either WUS is incorrectly set up, or a pre-requisite patch prevents repair.

Please be aware that applying a patch may cause further patches in a software asset to become available. Additionally, the Windows Update software may require updating. Before you do anything else, consider installing it.

Feel free to send your observations to [email protected] so that your issue can be resolved. We will be pleased to assist you.

Can I identify software products that are out-of-life? What actions can be taken for out-of-life products?

Yes. Check AE dashboard > Outdated Applications. Consider installing upgrades using Software Deployment in the Response section of Endpoint Management. You may also uninstall such applications using the Application Management> uninstall option.

Does Saner provide tracking of software licenses?

Yes. An organization’s software licenses and expenses might be tracked in AE. You may also assess software licensing using an external feed.

Can I blacklist or whitelist software applications?

Yes. Import the blacklisted or whitelisted applications feed (in CSV format) into AE and check for any abnormalities on the dashboard. We do not currently uninstall or block applications using the feed automatically. This may be done automatically by using PA > Custom Rules > Build your Detection and Response to perform a response script on a constant schedule.

How can response actions be executed from Saner?

Network, Process, Service, Software Deployment, System, Application and Devices, Security, File, Windows Registry, Tune-up, and Startup Programs are all response activities. For further information, please see the individual categories. In the Response section, each category contains a set of actions.

Is it possible to automate responses/actions on detection scripts?

Yes. Actions may be created in EM based on existing detection scripts.

Can we add more detection scripts in EM?

There are currently over 100+ detection scripts defined and ready to use. Using the EM > Tools section, you may add additional. Please email us at [email protected] if you have any questions or special requests.

Can I know the system health of all my endpoints?

Yes. Go to EM tool > Checks > System Health. Click to get real-time data. Visualize Disks space used to reach 90% and high CPU and RAM usage.

Can I command my endpoint to scan now or reboot now?

Yes. Go to Devices>Select device>Click on ‘Scan now.’ For reboot, go to PA > Custom Rules > Response>Reboot. Select the endpoint from the right pane to reboot the device.

What are the common indicators of compromise/attack?

Endpoint protection software is disabled, security systems are disabled, torrent-like downloads, a new application in the start-up software system, common operating system libraries have a different MD5sum, unknown processes are running, or multiple ports are open. Disc space is running out, to name a few.

What is the existing Compliance benchmark supported by Saner?

SecPod Default Compliance, the Vendor’s recommended (such as Microsoft) General Compliance, NIST-800-53, NIST 800-171, PCI, HIPPA, and others such as ISO 27001, WMI, ports, process control, service control, device control, anti-virus compliance, and so on, can all be customized to meet the needs of the user.

Can I remove checks from an existing Compliance benchmark?

If it does not comply with your organization, deselect the rule or category while creating/editing compliance.

Can I take remediation actions on customized Compliance checks?

Yes. Users create compliance, and remediation scripts are generated automatically. To understand more, go to CM dashboard > Remediation actions.

Why do some compliance checks show not selected or not checked status?

If you deselect some checks, they will appear in the report as ‘Not selected.’ Compliance checks that require input from the user are usually ‘Not checked’ unless the user provides information. If you encounter any problems, please get in touch with [email protected]. Screenshots of reports/dashboards and agent audit logs will help you understand the case.

Can I apply rollback on a customized Compliance benchmark?

Yes, you can apply rollback on a customized compliance benchmark.

Can I see trending reports?

Yes, you can generate trending reports. SanerNow provides the capability to generate daily, weekly, monthly, quarterly, and yearly reports for Vulnerability, Patching, and Compliance.

Can I export individual endpoint reports?

Yes, individual endpoint reports can be exported. On the left side of the dashboard, click Reports > Saved Reports>PDF Download. Users can export the canned report as a PDF file. The downloaded PDF report will maintain the alignment and filters applied to each part.

Can I be alerted to specific incidents on endpoints?

Various alerts can be issued to notify you of failed activities, endpoint incidents, critical vulnerabilities, configuration issues, and new endpoint detection, among other things. Select Alerts from the dashboard’s left side to find out more.

How long does a scan take?

In Windows, a typical scan takes less than 5 minutes, whereas Linux and Mac machines require 1-2 minutes. Agents’ unique methods and algorithms assist in this.

My scan is prolonged. What can I do?

Contact [email protected] with the endpoint’s audit log received from Devices>Click on hostname> Click on Audit Logs. You can also change settings > Log to debug, scan and send spsaneragent.log from the endpoint system under SecPod Saner installation directory/log folder in Windows and /var/log/saner in Unix-based machines.

Share This Article :
  • X
  • LinkedIn
Still stuck? How can we help?

Saner Documentation Feedback

Copyright 2025 - SecPod. All Rights Reserved. Privacy Policy.
SanerNow Version 6.3.x