Browse documentation
Endpoint software and patches
Because the agent runs on the machine, an endpoint's detail page shows what's installed, how up to date it is, and any known vulnerabilities — all reported automatically on the agent's heartbeat.
The endpoint detail tabs
| Tab | Shows |
|---|---|
| Overview | Identity (network + hardware), a live CPU / RAM / disk monitor, the disks table, and agent status |
| Software | Installed applications |
| Patch | OS build, last-patched date, and installed updates |
| Vulnerabilities | Known CVEs matched from the installed software |
| Monitoring | Agent status, version, last heartbeat, and enrolment details |
Server-only tabs (Services, Roles, Events, Hypervisor) are hidden on endpoints because they don't apply to a client OS.
Software
The Software tab lists installed applications with Name, Version, and Publisher. The agent gathers this from the machine and sends it periodically, so a freshly enrolled endpoint may show "No software reported yet" until the first inventory arrives.
Patch
The Patch tab shows the machine's OS build and last patched date, plus a table of installed updates (update ID such as KB5034441, title, and installed date). This tells you the patch level of the machine from what's already applied.
Vulnerabilities
The Vulnerabilities tab lists open findings matched from the endpoint's software inventory against CVE data:
- CVE, Severity, Affected software + version, CVSS score, and First seen date.
- Findings auto-resolve when the vulnerable software is removed or updated at the next inventory.
- You can Dismiss an individual finding.
See Vulnerabilities for how scanning works across the whole estate, and Patches for the fleet-wide patch view.
Notes & tips
- Endpoints report on a heartbeat — there's no manual "scan now"; data refreshes as the agent checks in.
- Vulnerability findings are inventory-driven: they come straight from the software the agent reports, so keeping the agent healthy keeps findings accurate.