Vulnerability Scanners Integration

JetPatch is integrated with several vulnerability scanners that are constantly being updated.

You can import vulnerability information in several ways:

To update vulnerability scanners in the JetPatch portal :

Import File

The default support scanners types are "custom CSV file" and "Nessus" report. The reports should include:

Import File: You can import a CSV file with patch vulnerability information.
- The file content should include:
  - IP Address
  - DNS Name
  - Vulnerability ID
- Column order - should be in the same order as above
- Headers - should not be included in the report
If you would like to add Headers/information to your reports please contact our customer success representative
Clear Data - All information that was updated from previously imported reports will be erased

To learn more about nexpose integration please visit Import Vulnerabilities via Nexpose

The operation 'Clear Data' will delete all unmanaged patches and endpoints and the link between managed patches and endpoints.

For deleting the report data you can click on "Clear Data" after choosing the requested vulnerability provider.

Please note:

After a report is imported or an integration is established, the endpoints that are related to the vulnerability scanner will appear in the Endpoint Management table. In some cases, endpoints that arrive from a vulnerability scanner are not managed by JetPatch (they are not discovered by any of the discovery sources) . The unmanaged endpoints are not remediated and no action can be perfomed.
For managed patches and endpoints, JetPatch will add the report data into:
- "Endpoints > Management" - into "Vulnerability Scan" column
- "Patches > Patch Catalog" - into "Vulnerability Provider" column
Importing a new report into JetPatch will not override the existing reports.