We are working on getting rid of our backlog of vulnerabilities in our environment and the idea is to first get the Most Common Actively Targeted Vulnerabilities under control.
Now I know that we have a default dashboard card that highlights these and that we can create remediation projects out of the information from that card. That gives a really good overview for the follow up but it is not always good for working with.
We would like to be able get a list of each solution and all devices where it needs to be applied. That list we then could read into our patch deployment tool for a more aggressive patch approach.
I have been reading through the documentation of the IVM API v3 and can see that there is no way of querying the Insight Platform stuff from here.
So my question is if this would be possible to do in any other way.
In my head these “Most Common Actively Targeted Vulnerabilities” would have some sort of a tag or similar on them - does anyone know if they actually do and what that tag is in that case?
I’m thinking if I can query for the vulnerabilities with that tag, then with that list I will then check for each solution and all machines the vulnerability is present on.
Cheers and happy Friday