WebP Vulnerability Report
Purpose
The purpose of this solution is to find the computers where a vulnerable application is installed, as specified in the provided JSON file.
WARNING: It's important to note that the information obtained through this automated process may not achieve absolute accuracy, given its reliance on comparing application names with those listed in the provided JSON file. Therefore, it is advisable to exercise human judgment when interpreting the data presented in the WebP Vulnerability Report dataview to accurately discern the applications that are genuinely vulnerable.
Associated Content
| Content | Type | Function |
|---|---|---|
| EPM - Security - Script - WebP Vulnerability Report | Script | Fetches the data from the endpoint. |
| EPM - Security - Custom Table - pvl_webp_vulnerable_apps | Custom Table | Stores the data gathered by the script. |
| EPM - Security - Dataview - WebP Vulnerability Report | Dataview | Displays the data gathered by the script. |
| EPM - Security - Internal Monitor - Execute Script - WebP Vulnerability Report | Internal Monitor | Executes the script once per week against online Windows machines. |
| △ Custom - Execute Script - WebP Vulnerability Report | Alert Template | Executes the script against the machines detected by the internal monitor. |
Implementation
- Read the associated documents carefully.
- Import the EPM - Security - Script - WebP Vulnerability Report script.
- Import the EPM - Security - Dataview - WebP Vulnerability Report dataview.
- Run the script against a group of random computers and validate the data in the dataview.
- Import/Create the EPM - Security - Internal Monitor - Execute Script - WebP Vulnerability Report internal monitor.
- Import/Create the
△ Custom - Execute Script - WebP Vulnerability Reportalert template. - Assign the alert template to the internal monitor.