Hi All,
I am wondering if anyone has implemented anything to easily track the Microsoft patch Tuesday vulnerabilities that are generated each month.
We have patch automation in place to regularly patch our endpoints and windows servers for these vulnerabilities, so for the vast majority of the vulnerable items created each month we don't need to do anything. Therefore, want to have some automation in place to easily surface those which didn't get patched in the usual timeframe.
We use MS defender to scan our endpoints and Qualys for scanning our servers. Currently I am manually creating a new watch topic each month after the patch Tuesday announcement with a filter based on all the CVEs and related Qualys QIDs. This is reliant on being available around patch Tuesday and remembering to create the new watch topic each time.
I was trying to see if there was some way people have managed to auto tag or use the classification rules in order to auto identify a VIT as being linked to patch Tuesday.
Any examples of solutions people are using or any ideas people have around this would be great.
Thanks
Sam
