JOATOSIT Operations Platform
Browse documentation

Endpoint software and patches

Endpoints

Because the agent runs on the machine, an endpoint's detail page shows what's installed, how up to date it is, and any known vulnerabilities — all reported automatically on the agent's heartbeat.

The endpoint detail tabs

TabShows
OverviewIdentity (network + hardware), a live CPU / RAM / disk monitor, the disks table, and agent status
SoftwareInstalled applications
PatchOS build, last-patched date, and installed updates
VulnerabilitiesKnown CVEs matched from the installed software
MonitoringAgent status, version, last heartbeat, and enrolment details

Server-only tabs (Services, Roles, Events, Hypervisor) are hidden on endpoints because they don't apply to a client OS.

Software

The Software tab lists installed applications with Name, Version, and Publisher. The agent gathers this from the machine and sends it periodically, so a freshly enrolled endpoint may show "No software reported yet" until the first inventory arrives.

Patch

The Patch tab shows the machine's OS build and last patched date, plus a table of installed updates (update ID such as KB5034441, title, and installed date). This tells you the patch level of the machine from what's already applied.

Vulnerabilities

The Vulnerabilities tab lists open findings matched from the endpoint's software inventory against CVE data:

  • CVE, Severity, Affected software + version, CVSS score, and First seen date.
  • Findings auto-resolve when the vulnerable software is removed or updated at the next inventory.
  • You can Dismiss an individual finding.

See Vulnerabilities for how scanning works across the whole estate, and Patches for the fleet-wide patch view.

Notes & tips

  • Endpoints report on a heartbeat — there's no manual "scan now"; data refreshes as the agent checks in.
  • Vulnerability findings are inventory-driven: they come straight from the software the agent reports, so keeping the agent healthy keeps findings accurate.

Related