Struggling to stay ahead of critical vulnerabilities across your device landscape? With AssetSonar’s Patch Management module, you don’t just see risks — you act on them. The module gives you:
- Real-time vulnerability detection across Windows, macOS, and Linux devices.
- Direct patch management: add, deploy, or schedule patches from the same module.
- Overview dashboards with KPIs and graphs for instant prioritization.
Backed by NIST vulnerability data and live agent scans, Patch Management replaces fragmented tools with one centralized workflow. This guide walks you through enabling the module, tracking risks and investigating CVEs, deploying or scheduling patches for impacted software, and staying proactive with alerts and digests.
Note: Patch Management is currently a beta solution. We’re actively improving it, and your feedback will help shape the final version.
1. Enable Patch Management
To get started, go to Settings → Patch Management, click Enable, and then click Update to activate the Patch Management module.
Note: Enabling Patch Management instantly starts real-time vulnerability discovery. Vulnerabilities will begin appearing in the module as soon as the feature is enabled.
When enabled, a new top-level Patch Management module appears in the left navigation. The module opens with two tabs:
- Overview — KPI cards and graphs that surface the highest-priority signals so you can make prompt decisions.
- Vulnerabilities — the full, filterable list of all detected vulnerabilities mapped to software and devices.
Note: Patch Management requires the latest agent versions to function:
- Windows: 3.2.0.0 and above
- macOS/Linux: 2.0.0.0 and above
Download the latest agent from the AssetSonar app to ensure patch deployment works properly.
2. Scan Devices and Detect Vulnerabilities
Once enabled:
- The AssetSonar ITAM Agent scans all Windows, macOS, and Linux machines for vulnerabilities.
- AssetSonar cross-references discovered packages with the latest CVE feeds and scores them (Critical → Low).
- Vulnerabilities are mapped immediately to affected software and devices and appear in Patch Management → Vulnerabilities in real time.
Note: Because scans and CVE mapping are real-time, you’ll see newly detected vulnerabilities show up in Patch Management → Vulnerabilities without delay. Use Patch Management → Overview to surface urgent issues at a glance.
You may also filter the list of vulnerabilities by a number of criteria.
3. Investigate a Specific Vulnerability
You may click on the New Window icon to navigate directly to the NIST page containing the details of the vulnerability.
Click on any CVE ID to open its Vulnerability Details page. Here you may find additional information about the vulnerability.
You may also take actions against these vulnerabilities or their relevant patches from this page. It also lists relevant references to external patch details such as advisories, blog posts, or technical writeups.
4. Add, Deploy, or Schedule Patches
Warning: We strongly recommend testing any patch on a limited number of test devices before mass deployment. While AssetSonar enables deployment at scale, patch behavior can vary across environments. Testing first helps you validate compatibility and reduce risk.
To manage vulnerabilities, you need to add patches manually and then deploy them to affected devices. Each Vulnerability Details page lists reference links (from trusted sources like NIST, vendor sites, or advisories) where you can find the relevant patch. Once you have found it, click Add Patch and fill in the required details. AssetSonar does not currently pull or prefill patches automatically.
4.1 Add a Patch
- Go to Software (Navigation Menu) → Software Vulnerability and select the relevant vulnerability.
- Click the Add Patch button on the top right.
- Enter the patch details.
- Then you may choose to either Add or Add and Deploy the patch.
Once added, the patch appears in the Software Patch section of the relevant vulnerability and becomes available for deployment.
4.2 Deploy a Patch Immediately
You can deploy a patch from:
- The Software Vulnerability page by clicking the Deploy Patch icon for a specific vulnerability.
- The Vulnerability Detail Page using the Deploy Patch button or the deploy icon next to a specific patch.
4.3 Schedule a Patch for Future Deployment
To schedule deployment:
- Click the Schedule Patch icon from either:
  - The Software Vulnerability page against the relevant vulnerability, or
  - The Software Patches section of a Vulnerability details page.
In the Schedule Patch modal, you can:
- Select the patches to schedule.
- Select the target devices.
- Choose a future date and time for deployment.
- Add a Description.
- Click Schedule Patch.
You’ll receive a confirmation email once the patch is successfully scheduled. Scheduled patches are executed silently by AssetSonar at the specified time. Status updates are tracked across the platform and shared via email alerts.
5. Track Deployment Success or Failure
After you schedule a patch, AssetSonar sends real-time alerts to keep you informed. It tracks each deployment using the following statuses:
- Active: Patch is associated with the asset and the package/task exists. This is the state immediately after adding a patch.
- In Progress: AssetSonar is publishing the package (upload/API call in flight) or waiting for acknowledgment.
- Pending: Agents haven’t executed yet (waiting for the next poll or pre-checks).
- Scheduled: A future deployment window exists. Devices wait until the scheduled time, even if they poll earlier.
- Success: Agent completed the patch with a success exit code, and AssetSonar verified the version or CVE closure.
- Failed: The agent attempted to install but returned an error, timed out, or verification failed.
All alerts are sent via email to account owners and admins.
6. Get Email Alerts and Daily Digests
You’ll receive alerts for:
- Initial Vulnerability Sync – Summary Email (sent after full agent scan)
- New Critical Vulnerabilities Detected
- Patch Deployment Status (Scheduled, Success, Failure)
Admins and account owners can also enable Daily Vulnerability Digests via More → Alerts & Emails → Software.
7. Maintain a Proactive Posture
With the Patch Management module, your team gains:
- Complete visibility into software risks across your IT environment
- Centralized CVE-to-device mapping for faster investigations
- Manual patch upload and one-click deployment or scheduling
- Real-time alerts—no need for constant manual tracking
You’ll stay ahead of emerging threats without relying on third-party scanners or external patching workflows.
Ready to Take Control of Software Vulnerabilities?
With AssetSonar’s Patch Management module, you can patch at scale, eliminate shadow risks, and keep your IT assets secure and up to date—all from one unified platform.
Need help getting started? Email us at support@ezo.io — we’re here to assist.