Guys, I'm new to Vulnerability Manager. We are running 7.5 and I think the scan engine needs updating. It's latest threat appears to be 2012!
Anyway, via Manage>Engines, I see the button for 'Updates'.
Will that go pull the latest updates???
In my environment I am hesitant to press this button, not knowing what will happen. Generally I will need to raise a change request before doing updates.....
Good Gravy! Your vulnerability scanner sounds as used as most people's. I have some Good News, some semi-good news and some bad news.
Good news - As long as you have an active license and route to the internet, yes, the "updates" button should just update the definitions & possibly apply some underlying sub release versions (I believe the most recent release is 7.5.10).
Semi-Good News - There are some security vulnerabilities in MVM that you will resolve with updating to 7.5.10
Bad News - MVM is End of Life. You have until January 2018 until it will no longer receive any definition updates. I strongly suggest you look at your (seemingly non-existent) vulnerability management program and evaluate if active network probing/scanning still fits into your workflow. If so, you may want to start evaluating replacement products such as Nexpose, Nessus or IP360.
Thanks for the details foose. I think the organisation is planning a replacement tool for scanning, come jan 18. in the meantime i need to try ensure the scans MVM is doing are at least scanning against current definitions.
I have Intel colleagues telling me the 'database' is up to date, but when i am seeing reports from scans, im seeing references to old old vulnerabiities, like 1999-2012. And CVE references that are equally as old.
Do i just assume that if the 'database' is up to date then the scans are scanning against the latest definitions?
or, does an already configured scan need to be re-configured/edited, to start using newer definitions?
Grateful if you can assist/advise.....im very new to MVM.