ControlUp for Compliance Archives - ControlUp

ControlUp for Compliance: Direct Data Index Access API Feature Launched

Jeff Johnson — Tue, 09 Dec 2025 06:59:12 +0000

ControlUp for Compliance Announces Direct Index API Access

ControlUp for Compliance provides an unparalleled, real-time view of your organization’s compliance posture. It’s a vast repository of critical security and policy metrics, audit logs, and configuration status—all stored in powerful, structured indices. We are thrilled to announce a major improvement that will fundamentally change how your organization leverages this data: ControlUp for Compliance is opening up a broad set of its underlying data indices for direct access via a robust, new API. This release is a game-changer for compliance officers, security analysts, and IT governance teams. It transforms compliance data from a monitoring platform to a fully queryable source of enterprise intelligence, ready to integrate into any internal or third-party system.

What This Means for Your Organization

ControlUp for Compliance collects thousands of data points across your environment—from policy adherence checks and configuration drift alerts and vulnerability findings. Until now, accessing this deep, granular data outside of the ControlUp console often required custom reporting or specialized integrations. With the new compliance public API, you can bypass those steps and directly query the raw data indices. This unlocks several new possibilities:

Unified Reporting & Governance Dashboards: Integrate compliance data seamlessly into your existing BI platforms like Power BI, Tableau, or Splunk. Combine compliance metrics, risk assessments, or incident reports to create a complete picture of organizational security and regulatory posture.
Automated Risk Response: Build sophisticated custom automations. For instance, query the /{devices}/patches to pull all patches and open a ticket or create a “todo list”.

Get Started: Test with Postman in Minutes

The new API endpoints are built on modern REST principles, making them intuitive and powerful. For technical users, the best part is the ability to test and explore your data structure immediately with common API tools. You can use Postman, Insomnia, or simple cURL commands to validate, structure, and refine your queries before you even write a single line of production code.

A Sneak Peek at Testing

Once you generate your API key (available in the ControlUp ONE Platform settings), you can begin querying your compliance data indices. For example, you could use Postman to make a POST request to the relevant Data Access Layer (DAL) endpoint, structuring your query body to specify the exact index and metrics you need. This hands-on approach allows you to:

Discover all available compliance-related indices and their schemas.
Experiment with filtering, sorting, and aggregation parameters.
Prototype new integrations in a sandbox environment before deployment.

Ready to Build the Future of Compliance Management?

The direct index API access feature is more than just a new tool—it’s an open invitation to truly own your compliance data. Visit our updated API documentation for a full list of available endpoints and data indices. Start building the custom dashboards, integrations, and automated workflows that move compliance operations into the era of autonomous compliance management. Log in to your ControlUp console today, generate your API key, and unlock the full potential of your compliance data.

ControlUp for Compliance Support for macOS

Jeff Johnson — Tue, 04 Nov 2025 12:25:25 +0000

ControlUp is known for lowering the security risk by implementing ControlUp for Compliance for automating patching, drift prevention, security software inventory for Windows devices. These features ensure that systems remain up-to-date, secure, and compliant with organizational policies. Recently, ControlUp expanded the operating system footprint by including support for macOS devices. This enhancement allows organizations to secure their macOS devices with the same efficiency and reliability as ControlUp for Compliance does for Windows. With this release, ControlUp support for macOS will focus on automated risk mitigation for 3rd party application patches. In this blog, I will guide you through the process of adding a macOS device to your ControlUp for Compliance inventory and then scanning and remediating macOS applications.

Adding a macOS device to your ControlUp for Compliance inventory

To deploy a macOS compliance agent you first need to install a ControlUp for Desktop agent on the macOS device. ControlUp provides support for macOS 13.7.2+ on Intel x64 or Apple Silicon (M1+).

Figure One, Edge DX macOS agent installation.

Once the ControlUp for Desktops macOS agent is installed, you can then deploy the ControlUp for Compliance agent by navigating to the ControlUp for Compliance configuration section. Clicking the Install button will notify ControlUp for Desktops to install the Compliance agent on the mac device.

Figure Two, ControlUp for Compliance macOS agent installation

Scan and remediate macOS and mac applications with ControlUp for Compliance.

Once the Compliance agent is installed, ControlUp can scan and remediate one or all of the macOS devices in your organization. Figure Three is an animated GIF that goes through the macOS patch remediation process. Figure Three, ControlUp for Compliance support for macOS With the addition of macOS support, ControlUp ControlUp for Compliance continues to demonstrate its commitment to providing comprehensive, cross-platform security solutions. This new capability ensures that organizations can maintain the same high standards of security for macOS devices. We are excited to see how this enhancement will help our users streamline their IT operations and enhance their overall security. Stay tuned for more updates and features as we continue to innovate and expand our offerings.

Frictionless IT Compliance: Reducing Risk Without Slowing Teams Down

Kendal Rodgers — Thu, 09 Oct 2025 04:00:43 +0000

Compliance and productivity often seem at odds. Tightening security controls usually means more downtime, slower systems, and frustrated employees. But disruption isn’t an option. The real challenge isn’t choosing between security and productivity… because we all know modern IT organizations must prioritize both. The question is how to strengthen compliance without grinding business operations to a halt. And the answer lies in rethinking compliance as a seamless, background process rather than a disruptive intervention.

The Friction Problem: Why Traditional IT Compliance Falls Short

IT teams know this scenario all too well: a critical security vulnerability surfaces, demanding immediate attention. The traditional reactive approach kicks in, and suddenly you’re facing a cascade of problems that ripple throughout the organization. The disruption is immediate and costly:

Workflow Interruptions: Employees lose access to essential applications and data, grinding productivity to a halt while patches are applied or systems are taken offline for maintenance.
User Experience Degradation: Every forced update, system slowdown, or access restriction chips away at the digital employee experience, creating frustration and reducing overall job satisfaction.
Resource Drain: Manual patch management and reactive troubleshooting consume valuable IT resources that could be better spent on strategic initiatives.

This cycle becomes particularly problematic when you consider the expanding attack surface of modern IT environments. With the proliferation of diverse endpoint devices, endless SaaS applications, and remote work scenarios, maintaining IT compliance standards while preserving operational efficiency has become exponentially more complex. The fundamental issue lies in traditional compliance methods. They treat security as something that happens to the business rather than with it. This approach makes security feel like a hindrance rather than an enabler of business objectives.

A New Standard of Real-Time, Background Compliance

What if compliance didn’t have to disrupt your business operations? What if security enhancements could happen transparently, without employees even noticing? ControlUp for Compliance acknowledges that the best security strategies embrace user behavior instead of opposing it. It transforms IT compliance management by delivering real-time monitoring and automated remediation that operates seamlessly in the background.

How Frictionless Compliance Works in Practice

Continuous Vigilance

Instead of periodic scans that create snapshots of your security posture, ControlUp provides continuous monitoring of your entire IT environment. This means potential compliance issues are identified and addressed before they can impact operations or create vulnerabilities.

Intelligent Automation

The platform’s automation engine detects problems, but it also resolves them. Patch and vulnerability management happen automatically, with software updates deployed strategically to minimize user impact while maintaining security standards.

Drift Detection and Correction

Configuration drift prevention ensures that systems maintain their intended security configurations over time. When deviations occur, they’re corrected automatically without manual intervention or user disruption.

Proactive Issue Resolution

Through proactive synthetic monitoring, ControlUp identifies potential problems before they manifest as user-facing issues or compliance violations. This forward-looking approach means fewer emergencies and more predictable operations.

The Business Impact: Security That Enables Rather Than Constrains

When compliance becomes frictionless, the entire dynamic between IT and business operations changes. Instead of security being viewed as a necessary evil that slows things down, it becomes an invisible enabler that keeps business moving smoothly.

For IT Teams: Resources previously spent on reactive firefighting can be redirected toward strategic initiatives. Patch reports provide clear visibility into security posture without requiring manual compilation. Access control and management become automated processes rather than time-consuming manual tasks.
For End Users: The digital employee experience improves because security measures don’t interfere with daily workflows. Applications remain available, systems stay responsive, and productivity remains high even as security is strengthened behind the scenes.
For Leadership: Risk reduction happens without operational disruption. Compliance with IT standards becomes an ongoing process instead of a one-time task. This approach helps the organization stay secure and maintain its competitive edge.

Building a Resilient IT Foundation

Sure, frictionless compliance is about meeting regulatory requirements. But, more than that, it’s about building an IT infrastructure that can adapt and respond to threats while supporting business growth. This approach acknowledges that today’s threat landscape requires compliance technology to be agile and responsive to emerging threats. The key is shifting from a reactive, disruptive model to a proactive, integrated approach. When vulnerability detection and compliance become part of the fabric of your IT operations rather than separate processes that interrupt them, you achieve both stronger security and better business outcomes.

Making the Transition

Moving to frictionless compliance often requires new tools, but it also requires a new mindset. The goal is to create an environment where security improvements support business operations. Compliance should be a competitive advantage, not a burden.

Looking to secure your digital workplace without compromising productivity? Learn more about automating risk management at scale.

Just Landed for ControlUp for Compliance: Improvements to the Microsoft Intune Integration and Device Restart

Jeff Johnson — Tue, 22 Jul 2025 04:00:07 +0000

Now in Beta: ControlUp for Compliance Patch Management Integration for Microsoft Intune

Microsoft Intune is great for OS and application deployment and patch management. Many enterprises complement Intune by integrating IT Service Management (ITSM) and IT Asset Management (ITAM) applications to provide a complete and accurate audit trail of the company’s security posture and asset health. However, support teams using ControlUp for Compliance often find missing patches before Intune discovers them. That’s where ControlUp steps in, offering an integration that enables support teams to discover and deploy patches while supporting auditing and compliance.

How to ControlUp for Compliance Works with Microsoft Intune to Enhance Patch Management:

ControlUp for Compliance automatically (through templates) or manually detects vulnerabilities on endpoints in real time
ControlUp for Compliance then creates and sends a package to Microsoft Intune
Intune automatically deploys the package to the devices identified by ControlUp for Compliance
Intune then notifies the ITSM and/or ITAM
ControlUp for Compliance then displays the patching status and confirmation that the patch was applied successfully

This automation isn’t just a convenience; it’s a strategic advantage. It significantly reduces the workload on your IT and security teams, allowing them to focus on more strategic initiatives. More importantly, it minimizes the window of exposure to potential threats in real-time, ensuring greater IT compliance, improved system stability, and a more secure and efficient digital environment for your employees.

Why Real-Time Vulnerability Remediation Matters for Your Business

What does real-time vulnerability mean for your day-to-day operations and your overall security posture? Let’s dive into the core benefits:

Stay Ahead of Threats: The faster you can detect and fix a security hole, the less chance an attacker has to exploit it. Our real-time vulnerability detection paired with immediate, automated patching drastically shrinks that window of exposure. This isn’t just about being reactive; it’s a truly proactive approach that significantly slashes the risk of successful cyberattacks and costly data breaches by addressing vulnerabilities before they become a problem.
Enhanced Efficiency and Automation: Manual patching processes are a drain on resources. With ControlUp and Microsoft Intune, we automate the entire patching workflow from spotting the vulnerability to deploying the fix and even updating your ITSM and ITAM systems. This eliminates time-consuming manual efforts, freeing up your IT and security teams to tackle more strategic initiatives. The result? Better overall operational efficiency and a significant reduction in human error.
Improved Compliance and Readiness: Compliance doesn’t have to be a headache. Our integrated workflow ensures every patch is deployed and accurately recorded across your ITSM and ITAM systems by Microsoft Intune. This creates a clear, comprehensive, and auditable trail of all security activities. Meeting regulatory requirements and proving due diligence becomes straightforward and effortless.
Accurate Management and Reporting: Get a clear picture of your IT environment. By automatically updating your ITAM systems, you gain a more accurate and up-to-date view of your asset inventory and its security status. This isn’t just data; it’s intelligence that enables better decision-making for asset lifecycle management, resource allocation, and provides more precise reporting on your organization’s overall security posture.
Minimized Disruption: Security incidents can bring your business to a halt. By quickly addressing vulnerabilities, we significantly minimize the risk of system downtime or performance degradation. This directly contributes to greater business continuity and a more stable, reliable IT environment for your employees, ensuring their productivity stays uninterrupted.

ControlUp’s integration with Microsoft Intune isn’t just about applying patches; it’s about transforming your vulnerability management strategy into a proactive, efficient, and auditable process. Empower your organization with real-time protection and unlock a new level of security and operational excellence.

Improvement to the Device Restart Feature

When deploying a patch, rebooting a device, or restarting an application without user consent is rude, but allowing the user to delay the reboot or restart indefinitely is risky. ControlUp for Compliance has found the right balance to allow flexibility and control for the end user and higher compliance for the security team.

How to Use the New and Improved Device Restart Feature:

Device and application restarts can now be precisely configured to:
- Never automatically restart: For critical applications or specific user needs
- Restart immediately: For urgent security updates
  - When an immediate restart is configured, ControlUp for Compliance provides a clear 10-minute countdown, giving users ample warning before the application or device restarts.
- User-controlled delay: Users can pause the restart for a configurable period, from one minute up to five days, allowing them to complete their work without interruption.

ControlUp for Compliance Device Restart Screen

This intelligent restart functionality enhances user experience while ensuring that critical updates are applied on time, significantly improving compliance and reducing security risks.

Learn More

If you’d like to see these new capabilities in action, schedule a personalized demo with one of our experts today.

Beyond Productivity: How Real-time Security & IT Compliance Elevate Digital Employee Experience

Jeff Johnson — Thu, 22 May 2025 05:47:36 +0000

When we discuss digital employee experience (DEX), the conversation often centers on real-time data, automated remediation, and seamless workflows. And for good reason – these elements are crucial for boosting employee satisfaction and productivity. However, there’s a foundational, often-overlooked pillar that underpins a truly positive end-user experience: real-time security and IT compliance. Consider your own digital interactions. How confident are you that the tools you use won’t expose your data to breaches and phishing attempts? How secure do you feel that your sensitive information is managed responsibly? The answer, unequivocally, is “not very.” While sometimes perceived as cumbersome, technical, or even restrictive, robust security and proactive compliance are not obstacles to a great digital employee experience; they are its silent enablers and champions. These capabilities provide the peace of mind and stable environment employees need to thrive without slowing you down. Here are the top five ways that digital employee experience solutions, like ControlUp, significantly elevate the digital workplace employee experience with real-time security and compliance capabilities:

Fostering Trust and Confidence with Proactive IT Management

If employees are concerned about exposing themselves or the organization to potential risk by clicking on a link or ignoring an update, it can impact productivity and trust. And if there is an incident, it can dramatically impact users. When security is robust and compliance is transparent, employees gain a crucial sense of safety and confidence. They can interact with digital tools and data, knowing the organization is taking proactive measures to protect them.

ControlUp’s real-time monitoring and proactive synthetic testing provide IT teams with unparalleled visibility, allowing them to detect and address potential security vulnerabilities before they impact users. This translates directly into fewer security incidents and a more secure, trustworthy environment for end-users, profoundly improving the digital workplace experience.

Reducing Disruptions and Downtime with Real-time Remediation

Security vulnerabilities and compliance deviations can lead to significant, costly disruptions. Imagine the impact of a ransomware attack locking down critical systems or a compliance audit halting essential processes due to unpatched applications or misconfigurations. These events not only cause immense frustration and lost productivity but also severely erode employee trust in their digital workspace’s reliability.

ControlUp’s real-time monitoring and autonomous remediation capabilities empower IT to swiftly identify and resolve performance issues, security anomalies, and implement effective patch management. For example, if ControlUp detects unusual resource consumption from a potentially malicious process or identifies an unpatched application with known CVEs, it can alert IT or even automatically mitigate the risk, ensuring a stable, always-on digital environment for employees.

Enabling Secure and Flexible Work Through Granular Visibility

In today’s hybrid work landscape, employees demand secure, flexible access to information and tools from various locations and devices. Robust security measures, such as multi-factor authentication, secure VPNs, and comprehensive device management, facilitate this flexibility without compromising data integrity. Knowing the company has implemented strong security protocols allows employees to work remotely or on the go with confidence, enhancing their autonomy and work-life balance—core components of a positive end-user experience.

ControlUp’s granular, real-time visibility into endpoint performance and user activity helps IT ensure security policies are consistently enforced across all devices, regardless of location, supporting secure and compliant access without hindering employee flexibility.

Simplifying Processes and Reducing Friction with IT Automation

While seemingly counterintuitive, well-implemented security and compliance can streamline processes. Single sign-on (SSO), often a security mandate, significantly reduces password fatigue and streamlines the login experience. Similarly, automated compliance checks prevent errors and delays, making workflows smoother.

ControlUp’s User Risk Analytics proactively identifies employees performing risky logins to SaaS applications (including VPNs) by analyzing factors like device type (managed vs. unmanaged), authentication methods, and application security. This data helps IT prioritize risks, optimize access, and, in conjunction with ControlUp’s automation, simplify security while reducing friction.

Protecting Employee Data and Privacy with Auditing and Reporting

IT compliance regulations like GDPR, CCPA, and industry-specific mandates dictate how organizations manage employee data. Adhering to these regulations is not only legally required, but also demonstrates a commitment to employee privacy and is fundamental for building trust. Knowing their personal information is managed responsibly contributes significantly to a positive perception of the digital workplace.

ControlUp’s robust auditing and reporting features, including detailed audit logs and compliance dashboards, provide a clear trail of system activities, resource usage, and security posture. This transparency, critical for demonstrating compliance, assures employees that their data is being managed securely and in accordance with relevant laws and organizational standards.

Stay Compliant Without Slowing Down

Improving security and ensuring IT compliance are far more than just avoiding risks and adhering to regulations. They are fundamental to building a robust, trustworthy foundation for a genuinely positive digital employee experience. And contrary to popular belief, it can be achieved without impacting performance. By fostering trust, reducing disruptions, enabling secure flexibility, simplifying processes, and protecting employee data, robust security and compliance measures empower employees to engage with their digital workspace with confidence, ease, and productivity. ControlUp stands out by providing real-time visibility, intelligent insights, and autonomous remediation capabilities that allow organizations to proactively manage their security and compliance posture. This directly translates to a smoother, more secure, and ultimately superior digital workplace for everyone. Investing in these areas, especially with powerful tools like ControlUp, is not just a necessity for digital workplace management; it’s a strategic imperative for a more productive, satisfied, and successful workforce.

Want to learn more about how you can achieve IT compliance and improve the end-user experience?

Schedule a personalized demo today.

ControlUp for Compliance: Manual Patch Remediation

Adi Lahav — Sun, 18 May 2025 12:01:27 +0000

ControlUp for Compliance: Enhancing Infrastructure Security and End User Experience

Jeff Johnson — Tue, 25 Feb 2025 08:24:53 +0000

At ControlUp, we believe in delivering great Digital Employee Experience (DEX) software right out of the box. However, we also know that our customers often have fantastic ideas for improvements to our DEX platform. In this blog, I’m excited to share two new updates to ControlUp for Compliance, part of the ControlUp ONE platform, that will enhance the security of your digital workplace and boost the end user experience.

Optimize Compliance with Customizable IT Security Scanning and Remediation Schedules

Templates allow you to set scanning and remediation schedules for devices in your environment. Originally, these templates followed a “set-it-and-forget-it” approach, where you could create a template, assign devices, set compliance scan and remediation options, and set the schedule for when the template should run. This approach was easy and useful, but some customers needed more detailed information about template status. Now, ControlUp for Compliance includes detailed status reports for each template in your library. You can now view the scanning and remediation status for:

Devices
Vulnerabilities
Application patches
Operating System patches
Misconfigurations

Figure One, Template Status Report

This update lets you see which devices were successfully scanned and remediated and identify any that failed to receive or install a patch. This added visibility helps ensure that your environment remains secure and compliant.

Easily Share Compliance Data

Access to compliance data is crucial for many people and departments within a company. While ControlUp for Compliance includes role-based access, not everyone is trained to use the software. To address this, we’ve added the ability to download compliance information to CSV files. These files can be easily sorted and distributed to meet the data compliance needs of your organization. You can now download CSVs from the following areas of the user interface:

Issues
Users
Devices
Apps
Templates
Jobs

Figure Two, CSV Download

Downloading data to a CSV makes it easier to share compliance data with colleagues who may not have direct access to the ControlUp ONE platform, ensuring that everyone has the information they need. These new updates to ControlUp for Compliance enhance your IT infrastructure security and end user experience. We are committed to continuously improving our products based on your valuable feedback.

Ready to learn more?

To see these features in action, you can schedule a demo for a walk-through with one of our DEX experts. They can provide personalized insights and help you maximize ControlUp for Compliance. Thank you for your continued trust in ControlUp!

Learn more about ControlUp for Compliance

ControlUp for Compliance: Overview

Joel Stocker — Wed, 22 Jan 2025 12:49:22 +0000

Easily Find the Most Pressing Desktop and Applications Security Issues

Trentent Tye — Thu, 19 Dec 2024 12:25:57 +0000

In a previous blog, I walked you through and showed you how easy it was to create a ControlUp for Compliance template that automatically scans all or a subset of the desktop devices in your environment. I suggest you read it as this blog builds on that blog. In this blog, I will introduce you to the Issues dashboard, where you can see what issues were found during the scan and how easy it it to remediate them. On the ControlUp for Compliance dashboard, click the Issues tab. This will give you an overview of issues you should address.

Figure 1 – Issues dashboard

The top of this dashboard has two widgets: a graph of issues over time and the issues by category: misconfigurations, vulnerability, and compliance.

Finding Issues on a Device

The two top widgets give a high-level overview of an environment’s entire health, but we want to get into the details of the specific problems on specific devices; this is what the lower grid is used for. The most useful column in the Issues grid is the Score, which shows the severity, category, and number of devices affected by the issues that ControlUp for Compliance has identified. We refer to this as Smart Prioritization. The grid’s columns are sortable and filterable. In my case, I filtered by the Critical column and then by the Score column.

Figure 2 – Device Grid

The best way to understand this grid is through an example. As I wanted a problem that I could fix I set my grid filters to a Critical severity with an Available remediation. On the grid I see an issue with firewalls being turned off. There are many reasons may people may turn off their firewall, for example I turn off my firewalls when debugging problems. The devices column shows that four devices have their firewall turned off.

Figure 3 – Filtered Grid

I clicked “Turn on Firewall on the Device.” This brings up a detailed dashboard on this issue, including the devices that have this issue, where they are located, and if any apps or OSes are affected by it, as well as a timeline graph of the number of devices that have it.

Figure 4 – Details Dashboard

The timeline shows that more and more devices have had this issue over time. I selected the devices that I wanted to fix and then selected Remediate from the Action drop-down menu

Figure 5 – Selecting Devices to Remediate

Fixing Issues

This brings me to a job panel where I can fix the issue immediately or schedule the device to be remediated by having the firewall turned on.

Figure 6 – Summary Page

Other Ways to Fix Issues

There are other ways issues can be remediated as well. For example, you can do it from the Issues main dashboard.

Figure 7 – Issues Dashboard

Clicking the Jobs tab will show you more information about the jobs, such as their status, and let you click a job to get more information about it.

Figure 8 – Jobs Dashboard

Failure is Not an Option

The most important thing I found on a job’s dashboard is if any devices failed to be remediated. If the job did fail, it might need manual investigation and remediation.

Figure 9 – Jobs Status

Organizations must ensure that devices are as safe as possible, and ControlUp has greatly simplified this process by using ControlUp for Compliance templates and jobs. My next blog will examine how ControlUp for Compliance works with users, devices, and applications. For more information on ControlUp for Compliance or any of our other award-winning products or to schedule a personal demo, click here.

Using Templates to Automate Desktop Security

Trentent Tye — Wed, 18 Dec 2024 09:59:50 +0000

In another blog, Eldad discussed the benefits of ControlUp’s latest product, ControlUp for Compliance. I highly recommend reading that article before jumping into this one, as it will give you an overview of ControlUp for Compliance, a real-time scanning, detection, and remediation tool. I will show you how it is used in this and subsequent blogs. In this blog, I will go over the Issues and Template dashboards. I think managers will spend most of their time on the Issues dashboard, while technologists will spend most of their time on the Template dashboard. I will cover other dashboards in other blogs. You launch ControlUp for Compliance from the ControlUp dashboard by clicking the ControlUp for Compliance (shield) icon in the left navigation panel.

Figure 1 – ControlUp for Compliance Icon

Overview of Issues

The dashboard will start on the Issues dashboard, giving you an overview of issues you should address.

Figure 2 – Issues dashboard

The top of this dashboard has two widgets: a graph of issues over time and the issues by category: misconfigurations, vulnerability, and compliance. Under this is a sortable and selectable grid of the issues. Before diving into the Issues dashboard, let’s look at the Templates tab. This tab allows us to create a set of things to check against and specify what devices to check. This workflow will enable you to schedule a scan and remediate the issues.

An Issues Checklist

I like checklists because they allow me to take specific actions. I think of ControlUp for Compliance templates as an automated checklist for issues. I will check for all the CVEs on my environment’s Windows desktop systems for this example. Trying to do this manually would be almost impossible without a tool like ControlUp for Compliance. To do this, click Create Template.

Figure 3 – Creating a Template

Give the new template a name (i.e., Desktop OS Critical, and choose from the drop-down menu if you want to select the devices you want to check by Device Groups, Tags, or Operating System. Device groups and tags are assigned using Edge DX. They are handy for creating device subsets by departments, lines of business, and geographical location or when doing a test rollout of new applications. For this example, I will create a template based on the operating system and assign devices running Windows desktop OSes to it.

Figure 4 – Scanning Devices

I clicked Next: Scanning Scope at the bottom of the dashboard. I then chose to scan for all the Vulnerabilities. These are known CVE issues that will be looked for.

Figure 5 -Scanning Scope

I clicked Next: Remediation at the bottom of the dashboard. This allowed me to select whether I wanted auto-remediation or not.

Figure 6 – Remediation’s

NOTE: Use caution when remediating issues, as they are very powerful. For example, in Security Checks under Compliance, you can remove the user from the local admin group. This is a very powerful remediation, but if the device does have a user with administration rights outside of the local admin group and you remove the rights to the local admin users, you will not have a user with admin rights. I clicked Next: Schedule at the bottom of the dashboard, which brought me to a panel that allowed me to specify when the scan and remediation take place and send a message (optional) to the users when it does.

Figure 7 – Schedule

In the Time slot drop-down menu, you can specify how often you want the actions to occur.

Figure 8 – Schedule details

I clicked Next: Summary at the bottom of the dashboard to verify my template, then clicked Submit to create it.

Figure 10 – List of Templates

The three vertical dots to the far right in each column allow you to disable, edit, duplicate, and delete the templates.

Figure 11 – Template Management

As you can tell by this blog, ControlUp has made it extremely easy to create a template to scan and remediate issues for the devices in your company. In my next blog, I will return to the Issues dashboard to see how it is used. Click here for more information on ControlUp for Compliance or any of our other award-winning products or to schedule a personal demo.