Identify outdated and vulnerable applications that need to be updated. Identify all the affected endpoints and launch the patching procedure via a simple command that can be planned and executed swiftly to avoid malicious exploitation, while maintaining full control over deployment timing.
Patching
Patch vulnerabilities and maintain updated versions of your OSes and applications for a high level of IT hygiene.
Keep your workspace secure and improve your visibility over IT assets with a centralized update engine included in HarfangLab’s single agent.
Patch vulnerabilities before they can be exploited
Define auto-update policies by types or groups of endpoints, ensuring consistent IT hygiene and risk mitigation across the workspace. Ensure patches are deployed without compromising operational stability, with the option to exclude endpoints that require manual validation.
Patching is the process of correcting known vulnerabilities on operating systems and applications.
Our agent is deployed on each endpoint and can directly launch OS and application updates. Patching is performed by applying official updates released by software vendors, and can be triggered manually by administrators or automatically through configurable policies.
Yes. Users can define granular update policies based on asset type, criticality, or agent groups. Three update strategies are available:
- Always – updates are automatically applied when new updates are available
- Only if vulnerable – updates are applied only when a CVE is detected on the endpoint
- Never – updates remain manual
Patching operations follow the same job execution and error-handling mechanisms as other HarfangLab jobs. If a patch fails, the error is immediately reported in the job status, allowing administrators to investigate directly from the console.
Patching leverages the existing HarfangLab agent, so there is no additional tool to deploy or monitor, keeping operational overhead to a minimum.