UPDATE SEPTEMBER 11: EDR Vulnerability Management Release Postponed

Please be advised that the release has been postponed. We will provide further updates regarding the new schedule in due course.

Coming September 11^th N-able is bringing EDR users a new add-on; Vulnerability Management (Previously Ranger Insights). Vulnerability Management delivers continuous and real-time visibility into application and OS vulnerabilities across Windows, macOS, and Linux. This will be an add-on coupled with Network Discovery (Previously Ranger) and available for Control and Complete license users.

In addition to the benefits of Network Discovery and the default Application Risk Management  users will now have the added benefits:

• Detect OS level vulnerabilities on Windows, in addition to missing patches that are later merged with detected applications
• Daily vulnerability assessment of endpoint and application data from the latest scan. When new CVEs or new exploitation data is detected, the new information is automatically attributed.
• Reflects the fact that the characteristics of a vulnerability changes over time.
• CVEs ranked by Temporal values
• A graphic dashboard
• Allows additional ways to filter the information
• Applications aggregated by version

Please note the EDR Add On “Ranger” is now called “Network Discovery” and “Ranger Insights” is now called “Vulnerability Management”. Easily enabled on the Sites Properties page.

Vulnerability Management is located under your left hand menu “Applications” section.

Graphic Dashboard

With Vulnerability Management you will now see a dashboard that shows a graphical representation of vulnerability data. You see an aggregate overview of application vulnerabilities, and if you have vulnerabilities exploited in the wild.

Users will quickly and easily recognize:

• Severities: Shows the total number of vulnerable applications, and the percentage of applications with vulnerabilities in each severity category (critical, high, medium, and low).
• Exploited in the wild: The number and percentage of applications with at least one vulnerability identified as exploited in the wild.
• High exploit code maturity: The number and percentage of applications with at least one vulnerability identified as exploited in the wild, and an exploit code maturity level of High.
• High exploit code maturity: The number and percentage of applications with at least one vulnerability identified as exploited in the wild, and an exploit code maturity level of High.

CVEs Ranked By Temporal Values

The Vulnerability Management Add-on scores each vulnerability based on Temporal values (in addition to the NVD and SentinelOne Base Values). While the Base Score does not change over time, the Temporal Score may change if the characteristics of the vulnerability changes. The temporal score reflects the characteristics of a vulnerability that change over time, the current state of exploit techniques or code availability, the existence of any patches or workarounds, and the report confidence.

The Temporal Score is based on live updates of the vulnerability’s exploit code maturity, remediation level, and reported confidence level.

More Data Available for Each CVE Detected Simply click on an application name, select CVEs, and expand a vulnerability row to reveal enriched, detailed information at your fingertips

Applications Aggregated by Version

The default view of the Risks page aggregates risks by applications. Click on an application to drill-down to additional data based on Endpoints or CVEs.

By acquiring the Vulnerability Management Add-on, besides benefitting from all the Vulnerability Management features in the Applications view, you can also see application data either for all versions at once, or for each version.

Expanded Filter

Besides benefiting from all the Vulnerability Management features, you can also see and filter for additional information for each vulnerability.

IMPORTANT: Vulnerability Management is a bundled add-on with Network Discovery enabled at the Site level but can operate independently. Enabling Vulnerability Management incurs a license fee for BOTH Vulnerability Management AND Network Discovery for each endpoint, even if you have not enabled Network Discovery. For full benefits, we recommend activating both add-ons

To learn more about pricing for Vulnerability Management please reach out to your Partner Success Manager.

No Console update will be required on September 11^th this will be a console enablement exercise only. There will be no downtime, and all endpoints remain protected.

One final reminder to be sure to read the full supporting documentation available here at N-able Me:  https://me.n-able.com/  and our EDR Vulnerability Management Course within N-able U available September 11th.