NinjaOne – Application Vulnerabilities Monitoring

I recently had an evening free, so thought I would have a play around trying to find some vulnerability information on devices via PowerShell. In the end I came across this awesome project, which allows you to check for vulnerabilities in installed applications on a device: https://github.com/vulmon/Vulmap

I made a few tweaks so that it would also check applications installed in User Profiles and then document the results to custom fields in NinjaOne. The results look like this:

The information is documented into two separate fields: a status field, which can be used in conditions to generate alerts, and a details field, which lists the vulnerabilities that were found.

The script

The latest version of the script can be found here: https://github.com/lwhitelock/NinjaOneAutomation/blob/main/DocumentationScripts/Check-App-Vulnerabilities.ps1

To set up the script, first create two custom fields. If you change the names, edit the settings at the top of the script to match.

First Field

Title: Vulnerability Status

Label: vulnerabilityStatus

Type: Text

Second Field

Title: Vulnerability Details

Label: vulnerabilityDetails

Type: Multi-Line

Make sure you then give scripts read/write permission for the fields:

Once these are created, you can add the script to your script library and run it against your devices to check for vulnerabilities.

Monitoring

If you wish to add monitoring and alerting you can add a new condition to your policies to check the status field for the text “Vulnerabilities Found”:
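The two-field pattern described above, as an added example that is not the code of the linked script: it turns a list of findings into a short status string for the policy condition and a multi-line details string, then writes both with the NinjaOne agent's `Ninja-Property-Set` cmdlet. The shape of the finding objects, the `Clean` status text and the 10,000-character details limit are assumptions made for illustration.

```powershell
# Added example, not the linked script. Field labels are the ones created above.
$StatusField  = 'vulnerabilityStatus'
$DetailsField = 'vulnerabilityDetails'
$AlertText    = 'Vulnerabilities Found'   # text the policy condition checks for
$CleanText    = 'Clean'                   # assumed; must NOT contain $AlertText,
                                          # or a "contains" condition would alert on clean devices
$MaxDetails   = 10000                     # assumed size limit for the multi-line field

function ConvertTo-VulnerabilityFields {
    param([object[]]$Findings)

    if (-not $Findings) {
        return [pscustomobject]@{ Status = $CleanText; Details = 'No findings.' }
    }

    # One line per finding, highest score first, so truncation drops the least severe.
    $lines = $Findings |
        Sort-Object -Property Score -Descending |
        ForEach-Object { '{0} {1}: {2} (CVSS {3})' -f $_.Product, $_.Version, $_.Id, $_.Score }

    $details = $lines -join "`n"
    $suffix  = "`n[truncated]"
    if ($details.Length -gt $MaxDetails) {
        $details = $details.Substring(0, $MaxDetails - $suffix.Length) + $suffix
    }
    [pscustomobject]@{ Status = $AlertText; Details = $details }
}

function Set-VulnerabilityFields {
    param($Report)
    if (Get-Command 'Ninja-Property-Set' -ErrorAction SilentlyContinue) {
        Ninja-Property-Set $StatusField  $Report.Status
        Ninja-Property-Set $DetailsField $Report.Details
    } else {
        # Outside the NinjaOne agent the cmdlet is absent; print what would be written.
        Write-Output "$StatusField = $($Report.Status)"
        Write-Output $Report.Details
    }
}

# Constructed sample findings (placeholder identifiers, not real CVEs).
$sample = @(
    [pscustomobject]@{ Product = 'ExampleApp'; Version = '1.2.3'; Id = 'CVE-0000-0001'; Score = 7.5 }
    [pscustomobject]@{ Product = 'DemoTool';   Version = '4.0';   Id = 'CVE-0000-0002'; Score = 9.8 }
)
Set-VulnerabilityFields (ConvertTo-VulnerabilityFields $sample)
```

Keeping the status value short and fixed makes the policy condition reliable; the variable-length data goes only into the details field.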
