Overview
Addigy Security Suite, powered by SentinelOne, streamlines CVE (Common Vulnerabilities and Exposures) reporting and tracking for macOS device fleets. This guide explains how to access, interpret, and act on CVE data, helping organizations address vulnerabilities quickly to keep devices secure and compliant.
Requirements
Ensure the following prerequisites are met:
- Addigy Security Suite package enabled for your environment.
- SentinelOne agent installed and active on target devices.
- At least one CVE scan executed; SentinelOne must complete an initial scan to generate vulnerability data.
How to Examine CVE Reports
1. Access CVE Dashboards
- Go to Dashboards > Threats & CVEs > Applications in your Addigy admin console.
- The dashboard displays all macOS applications installed on devices that have reported CVE vulnerabilities.
2. Review Application Vulnerabilities
- Select an application from the dashboard to see details.
- View the list of devices with vulnerable application versions, linked CVEs, detection dates, NVD (National Vulnerability Database) base scores, and severity levels.
3. Drill Down into CVE Details
- Navigate to the CVE tab for further details on each vulnerability.
- Information available includes:
- CVE ID
- Severity Rating
- NVD Score
- Publish Date
- Description
- Direct links to the official MITRE and NVD reports for further reference.
4. Patch Management (Optional)
- For supported applications, consider auto-updating 3rd Party Apps through Prebuilt Apps in Addigy.
- This allows for automated patching and updating of vulnerable applications, helping mitigate reported CVEs quickly and efficiently.
5. Monitor CVE Trends
- Regularly monitor the Dashboards > Threats & CVEs area to track remediation progress and observe changes in your fleet’s vulnerability status over time.
Summary
Automated CVE tracking and reporting with Addigy Security Suite provides an effective, unified solution for managing macOS vulnerabilities. Leveraging these dashboards accelerates remediation, simplifies compliance, and strengthens your organization’s security posture.