📄️ Host Vulnerability Assessment Overview
Lacework provides the ability to assess, identify, and report vulnerabilities found on hosts, containers, and pods within your environment. This means you can identify and take action on software vulnerabilities in your environment and manage that risk proactively. For information about alerts, see Default Policies.
📄️ Host Image Support
Supported Operating Systems
📄️ Lacework Console - Host Vulnerability
📄️ Fix a Host Vulnerability
This article explains how to fix a host vulnerability detected by an assessment.
📄️ When Host Assessments Identify a Vulnerability as Fixed
This article explains when a host vulnerability assessment identifies a vulnerability as fixed.
📄️ Multiple Fixed Parallel Package Versions
Because some vendors maintain multiple major versions of a software package simultaneously, when a vulnerability/CVE is found, vendors must introduce a fix for each maintained major version of the software package. Lacework assesses and displays the vulnerability status for only one combination of (unique machine instance, software package, package version, CVE vulnerability ID). This means that if there are many fixed versions, Lacework must determine which one is the most appropriate for the given package version.
📄️ When Host Assessment Metrics Carry Forward
Generally, assessment data is from what currently exists at the time of assessment. In some circumstances, however, Lacework can carry forward fixed status data to provide information about a previously existing vulnerability that has since been patched/addressed.
📄️ Host Vulnerability - FAQs
Why do host vulnerability results show two different versions of the same package on a machine?