How to Ensure You're Really Patching What You Think
Review severity settings of policies to make sure you are patching at the scope you want.
The severity level High was added to the Automox console with CSVSSv3, which means you should check if your policies still include the level of patching you are expecting. The scope of Critical has a different range (9.0–10.0). If you require the full span of 7.0–10.0, you must select High in your policy.
Automox CVSSv2 |
Automox CVSSv3 |
---|---|
|
none (0.0) |
Low (0.0—3.9) |
Low (0.0—3.9) |
Medium (4.0—6.9) |
Medium (4.0—6.9) |
Critical (7.0—10) |
High (7.0—8.9) |
Other (Not scored) |
Critical (9.0—10) |
|
Unknown |
How to review your policies
Find out if your policies are covering your minimum requirements and adjust the scope.
- From the Automox console, go to Automate → Policies.
- For each severity-related policy (Advanced and By Severity policies), click the name of the policy to open the Edit Policy page.
- The Package Targeting section depends on the type of policy:
- For a By Severity policy, select High to include the range 7.0–8.9.
- For an Advanced Policy, make sure your rules include Is Greater Than Or Equal To and High to ensure coverage.
- Click Save Policy. Repeat for each severity-related policy.