Ivanti Patching - Feedback Needed!

We’re currently looking to build a new InsightConnect plugin for Ivanti Patch to help automate some of the most repetitive processes in your environment when it comes to patching. We’ve received some requests for specific use cases in the past, but we want to hear directly from you what would be most important in an Ivanti Patch plugin.

Based on the poll below, select the top 3 items that would be most instrumental to you as part of the Ivanti patching process. If there’s something you’re looking for that’s not on the list, add a reply with the specific use cases that’d be helpful so we can take it into account. And if you have any additional feedback you want to provide regarding Ivanti patching, this is the place!

  • Download/deploy patches to targets
  • Create patch groups
  • Scan targets for current patch status
  • Deploy Ivanti agents
  • Perform agent tasks (e.g., patching)
  • Device correlation and management with InsightVM


Is this just for the Ivanti Patch for Windows Product (Ivanti Security Controls) or is it also for the Ivanti Endpoint Manager product as well?

Hi @chris_wakulik – We have been looking specifically at Ivanti Patch but would love to hear about use cases for Endpoint Manager as well! What did you have in mind?

@holly_wilsey, from your technical research do you happen to know if these products share APIs? If so, would it make sense to consolidate functionality into one plugin for both Patch and Endpoint Manager?

Both products can import the CVEs from Rapid7, but it would be nice to have it be automated instead of exporting/importing a CSV or TXT file. Also, any other tasks we can automate out from Rapid7 would be a bonus. Both products also use the same patch content, but we currently use one to patch servers, and one to patch workstations.

I believe they have separate APIs, so that would likely make more sense as separate plugins.

Got it, thank you! Sounds like the use case then is, “Import my CVEs from InsightVM into Ivanti Patch & Endpoint Manager in order to keep the vulnerability data synchronized across products” – am I capturing this accurately?


We are hoping to be able to query hosts to see if they have been patched against a certain CVE or if they are vulnerable, as well as starting patch jobs.

Thanks Ryan! Those use cases definitely register here.

We’ve been doing a lot with Slack & Teams so that you’re able to run a basic command that passes variables into the workflow and results are then posted in a thread – see get VM host info from Slack for an example. For this use case, I’m thinking something like @Security Bot patch check CVE-123-4567 and the thread response indicates coverage for that vuln.

What do you think? If your team doesn’t use these ChatOps tools (or doesn’t want to use them this way), is there a particular place where you would look to trigger that check from?

We heavily use Slack with InsightConnect, so that would be perfect.


Quick update here: We’ve shipped over a dozen actions for the Ivanti Security Controls plugin, including actions for:

  • Starting a Patch Deployment
  • Creating a Patch Group
  • Creating a Patch Scan Template
  • Searching Patches

Check out all the available plugin actions here: https://extensions.rapid7.com/extension/ivanti_security_controls#Documentation-Technical-Details-Actions

We expect to build out some workflow templates using this functionality in the coming weeks – if you have any further workflow ideas, please share them here!
