Creating and Managing Patching Tasks in SanerCVEM

Product Version: 6.5.X.X

Overview

Patching Tasks in Saner CVEM enable administrators to deploy security patches across endpoints in a controlled and automated manner. This feature helps remediate vulnerabilities, keep systems up to date, and monitor patch deployment status from a centralized console.

Purpose

This article provides a step-by-step guide on how to create, manage, and monitor patching tasks using the Patch Management module in Saner CVEM.

Issues Addressed

Patching Tasks are used when you need to:

• Patch vulnerable systems

• Manage scheduled or immediate patch deployments

• Monitor patch deployment progress and results

Steps to Create and Manage Patching Tasks

Step 1: Log in to the Saner CVEM Console

1. Open a web browser.

2. Navigate to: https://saner.secpod.com

3. Log in using administrator credentials.

Step 2: Navigate to the Patch Management Module

1. From the dashboard, click on Patch Management.

Step 3: Select Vulnerable Assets or Patches

You can initiate patching from either of the following tabs:

• Assets Tab

  • Select the devices you want to patch.

• Patches Tab

  • Select a specific patch and deploy it across multiple devices.

Use filters to refine the selection based on:

• Severity

• KB number

• Operating system

Step 4: Create a New Patching Task

1. Click on Create Patching Task.

2. Choose the required task type:

   • Install (Create installation task)

   • Test and Deploy (Used for pre-production testing)

3. Enter a unique and meaningful task name for easy identification.

Step 5: Configure Patching Criteria

Configure the following settings:

• Execution Type

  • Immediate

  • Scheduled

• Reboot Options

  • Allow reboot

  • Suppress reboot

  • Notify users before reboot

• Test and Deploy (if selected)

  • Define test and production device groups separately

Click Next after completing the configuration.

Step 6: Review and Submit the Task

1. Review all selections in the summary screen.

2. Confirm target devices, patches, and reboot behavior.

3. Click Submit to deploy the patching task.

Step 7: Monitor the Patching Task

1. Navigate to Patch Management > Status.

2. Monitor the following details:

   • Patch installation success and failure rates

   • Systems pending reboot

   • Patch history by device or by patch

3. Click on a task name to view detailed logs and asset-wise status.

Additional Notes

• Patching tasks can be paused or deleted from the Status tab if required.

• Always verify device connectivity and agent status before scheduling patch deployments.

• Ensure reboot policies are aligned with business hours to avoid operational disruption.

• Use Test and Deploy for mission-critical systems to validate patches before full rollout.