How often is data refreshed from the Vulnerability Scanning Sub-Agent?
The vulnerability subagent platform runs a scan every 4 hours on your asset. Armor pulls data from the subagent on a separate 4 hour interval and stores it. When you click the "refresh data" link on the "Vulnerabilities" tab, a new snapshot is generated reflecting the most recent data pulled, this data is refreshed automatically every day at 10:00 PM UTC. You can also generate a new Report with this data from the Reports tab by clicking "Get New Report". This is generated automatically every Sunday at 10:00 PM UTC and is stored for 13 months.
What is the Severity scale?
As of April 1, 2021 we are using the NVD CVSS v3.0 Vulnerability Severity Ratings (0 - 10, None - Critical) (https://nvd.nist.gov/vuln-metrics/cvss). Prior to this date, the Severity score was based on the subagent platform scoring
The vulnerability scoring of my reports suddenly changed several of my criticals to non-critical, why?
On April 1, 2021 we switched from the vulnerability subagent platform severity scoring to the industry standard of NVD CVSS v3.0 (https://nvd.nist.gov/vuln-metrics/cvss). Some of what the vulnerability subagent platform deemed critical, may not have a 10.0 CVSS v3.0 score.
Why is the Vulnerability Scanning Sub-Agent showing unhealthy?
This can happen for a number of reasons including, but not limited to:
Vulnerability agent did not install successfully
Vulnerability agent did not sync to armor correctly
Vulnerability agent service is not running
For more information on remediating vulnerability agent issues, please see the following documentation.
What do I do if the vulnerability agent did not install correctly?
Before contacting support try running the `armor vuln reinstall` command, if that does not remediate it, run the `armor vuln diagnostics` command and open a ticket with support.
If uninstalling and reinstalling continues to fail, a reboot might be required.