How to Ensure You're Really Patching What You Think
Review severity settings of policies
Represents a set of logic statements that define the desired target state of a device, the allowed remediation schedule, and configuration parameters around how that remediation should take place. to make sure you are patching at the scope you want.
The severity level High was added to the Automox console Our web-based management dashboard, available at https://console.automox.com. with CSVSSv3, which means you should check if your policies still include the level of patching you are expecting. The scope of Critical has a different range (9.0–10.0). If you require the full span of 7.0–10.0, you must select High in your policy.
|
Automox CVSSv2 |
Automox CVSSv3 |
|---|---|
|
|
none (0.0) |
|
Low (0.0—3.9) |
Low (0.0—3.9) |
|
Medium (4.0—6.9) |
Medium (4.0—6.9) |
|
Critical (7.0—10) |
High (7.0—8.9) |
|
Other (Not scored) |
Critical (9.0—10) |
|
|
Unknown |
How to review your policies
Find out if your policies are covering your minimum requirements and adjust the scope.
- From the Automox console, go to Automate → Policies.
- For each severity-related policy (Advanced and By Severity policies), click the name of the policy to open the Edit Policy page.
- The Package Targeting section depends on the type of policy:
- For a By Severity policy, select High to include the range 7.0–8.9.
- For an Advanced Policy, make sure your rules include Is Greater Than Or Equal To and High to ensure coverage.
- Click Save Policy. Repeat for each severity-related policy.
