NinjaOne – Application Vulnerabilities Monitoring
I recently had an evening free, so I thought I would have a play around trying to find some vulnerability information on devices via PowerShell. In the end I came across this awesome project: https://github.com/vulmon/Vulmap. It allows you to check for vulnerabilities in installed applications on a device.
I made a few tweaks so that it would also check applications installed in User Profiles and then document the results to custom fields in NinjaOne. The results look like this:
The information is documented in two separate fields: a status field that can be used in conditions to generate alerts, and a details field that lists the vulnerabilities that were found.
The latest version of the script can be found here: https://github.com/lwhitelock/NinjaOneAutomation/blob/main/DocumentationScripts/Check-App-Vulnerabilities.ps1
To set up the script, you will first need to create two custom fields. If you change the names, you can edit the settings at the top of the script.
Title: Vulnerability Status
Title: Vulnerability Details
Make sure you then give scripts read/write permission for the fields:
Once these are created, you can add the script to your script library and run it against your devices to check for vulnerabilities.
If you wish to add monitoring and alerting you can add a new condition to your policies to check the status field for the text “Vulnerabilities Found”:
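The sketch below is an added example, not code from the linked script or from Vulmap. It shows one way a scan result can be reduced to the two fields so that the policy condition only fires on real findings. The field names, the clean-state wording, the length cap and the sample findings are all assumptions.

```powershell
# Added example. Field names are assumed; use the names of your own custom fields.
$StatusField     = 'vulnerabilityStatus'
$DetailsField    = 'vulnerabilityDetails'
$MaxDetailLength = 10000   # assumed cap; check the limit of your field type

function Publish-VulnerabilityResult {
    param(
        [Parameter(Mandatory)][AllowEmptyCollection()][object[]]$Findings
    )
    if ($Findings.Count -gt 0) {
        $status = 'Vulnerabilities Found'   # the text the policy condition looks for
        # Highest score first, so the most urgent item is at the top of the field.
        $lines = $Findings | Sort-Object -Property Score -Descending | ForEach-Object {
            '{0} {1}: {2} (score {3})' -f $_.Product, $_.Version, $_.Id, $_.Score
        }
        $details = $lines -join "`n"
    } else {
        # Assumed wording. It must not contain the alert text, otherwise a
        # "contains" condition would also match clean devices.
        $status  = 'No Known Issues'
        $details = 'No vulnerable applications detected.'
    }
    # Keep the details within the field limit and make the cut visible.
    if ($details.Length -gt $MaxDetailLength) {
        $details = $details.Substring(0, $MaxDetailLength - 15) + "`n...[truncated]"
    }
    # Ninja-Property-Set only exists when the script runs under the NinjaOne agent.
    if (Get-Command -Name 'Ninja-Property-Set' -ErrorAction SilentlyContinue) {
        Ninja-Property-Set $StatusField $status
        Ninja-Property-Set $DetailsField $details
    } else {
        Write-Warning 'Ninja-Property-Set not available; fields were not updated.'
    }
    [pscustomobject]@{ Status = $status; Details = $details }
}

# Constructed sample findings (placeholder identifiers, not real CVEs).
$sample = @(
    [pscustomobject]@{ Product = 'ExampleApp'; Version = '1.2.3'; Id = 'CVE-0000-00001'; Score = 7.5 }
    [pscustomobject]@{ Product = 'DemoTool';   Version = '4.0';   Id = 'CVE-0000-00002'; Score = 9.8 }
)
Publish-VulnerabilityResult -Findings $sample
```

Run outside the agent, it prints the warning and returns the status and details it would have written, which is a quick way to check the wording against your condition before deploying.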