Eset Endpoint Protection consle vulnerability protection

[Saifuddinit 1]

How to Enable vulnerability protection scanning in Eset endpoint protection 8 console server side

[Marcos 4,716]

Unfortunately it's not clear what you mean by "vulnerability protection scanning". Please clarify.

[Saifuddinit 1]

Is there is option we can enable in policy vulnerability scanning all existing server

 

[MichalJ 430]

Hello. There is no "vulnerability protection scanning" functionality in neither ESET Endpoint Solutions, or ESET PROTECT. 

[itman 1,542]

4 hours ago, Saifuddinit said:

Is there is option we can enable in policy vulnerability scanning all existing server

Eset periodically releases stand-alone utilities that scan for widely exploited vulnerabilities. Below I believe is the latest one developed:

Quote

Using ESET’s BlueKeep (CVE-2019-0708) vulnerability checker

ESET has released a free BlueKeep (CVE-2019-0708) tool to check if a computer running Windows is vulnerable to exploitation. As of the time of publication, the tool can be downloaded from:

Program	ESET BlueKeep (CVE-2019-0708) vulnerability checker
Version	1.0.0.1
Location	https://download.eset.com/com/eset/tools/diagnosis/bluekeep_checker/latest/esetbluekeepchecker.exe
SHA-1 hash	C0E66EA2659D2EA172950572FDB5DE881D3882D8

(Be sure to check ESET’s Tools and Utilities page for newer versions)

This program has been tested against 32-bit and 64-bit versions of Windows XP, Windows Vista, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008 and Windows Server 2008 R2 before and after applying Microsoft’s updates for BlueKeep. To use the program, run the executable. There are no command-line arguments for use with the initial release.

https://www.welivesecurity.com/2019/12/17/bluekeep-time-disconnect-rdp-internet/

Edited July 26, 2021 by itman

[Saifuddinit 1]

This tools we have to go each server or users pc or laptop not central management right

[itman 1,542]

10 hours ago, Saifuddinit said:

This tools we have to go each server or users pc or laptop not central management right

Correct.

[kingoftheworld 10]

While I know this isn't a current feature, this is something that I think would be a great addition to the product.  Something that monitors a key set of 3rd party apps and specific OS patches that are missing reporting back to the console. 

[itman 1,542]

1 hour ago, kingoftheworld said:

While I know this isn't a current feature, this is something that I think would be a great addition to the product.  Something that monitors a key set of 3rd party apps and specific OS patches that are missing reporting back to the console. 

Looks like Microsoft Endpoint has such capability: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt?view=o365-worldwide

[kingoftheworld 10]

15 hours ago, itman said:

Looks like Microsoft Endpoint has such capability: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt?view=o365-worldwide

I am aware of MSFT's offering for this, but I think this requires MS Defender to be deployed and running on the endpoint.  I expect that would cause issues running ESET side by side. 

[itman 1,542]

3 hours ago, kingoftheworld said:

I am aware of MSFT's offering for this, but I think this requires MS Defender to be deployed and running on the endpoint. 

Correct.

[MichalJ 430]

We are currently looking into options how to enrich our portfolio with such functionality. However, as this is still in define / design phase, I can´t share any details with regards to roadmap. But I can confirm, that it is currently being looked into.