Tracking Device Vulnerabilities

COMPLIANCEMONITORINGOPENFRAMEPATCH MANAGEMENTSECURITY

Phase 4 — Monitoring & Policies · Step 6

Section

June 25, 2026

Published

Vladislav Marchenko

Vladislav Marchenko

Head Of Marketing

Tracking Device Vulnerabilities

Phase 4 — Monitoring & Policies · OpenFrame Onboarding

Knowing what's installed is half the picture (the Software tab); knowing what's risky is the other half. The Vulnerabilities tab on a device cross-references that installed software against known security issues, so you can catch exposure before it becomes an incident. This guide covers reading it.


Where it is

Open a device from Devices, then the Vulnerabilities tab on its detail page. It works hand-in-hand with the Software tab's per-app Security column — Vulnerabilities is where a flagged app's detail lives.


Reading the results

  • No Vulnerabilities Found — the clean state: "All installed software is up to date and secure." Nothing flagged for this device.
  • Vulnerabilities listed — each flagged item points back to installed software with a known issue, so you can see which app and version is exposing the machine.

Because the check is driven by the device's actual software inventory, a device that's fully patched and current shows clean, while one running outdated software surfaces here.


Turning findings into action

Vulnerabilities tracking is a monitoring activity — it belongs to the same "get ahead of problems" mindset as the rest of Phase 4:

  • Remediate the source. A flagged app usually means an out-of-date version. Update or remove it (a script from Phase 5 is often the fastest fix across machines).
  • Confirm patch posture. Cross-check the device's Compliance tab (patch status) — many vulnerabilities trace back to missing patches (see Device Compliance & Evidence, Phase 9).
  • Make it routine. Scan vulnerabilities as part of your regular health pass, not just after an alert — that's the whole point of proactive monitoring.

Quick checklist

  • Opened a device's Vulnerabilities tab
  • Read the state — No Vulnerabilities Found vs. flagged items
  • Traced any finding back to the installed software behind it
  • Planned remediation (update/remove, often via a script)
  • Cross-checked patch status on the Compliance tab
  • Folded vulnerability review into your regular monitoring routine

What's next

Vulnerabilities and patching connect straight to compliance and audit evidence: Device Compliance & Evidence (Phase 9) shows patch status, applied policies, and compliance checks in one place.


Based on OpenFrame v0.9.19. Vulnerability detection depends on the software inventory and evolves between releases — what's in your console wins. This sensitive area touches security posture; treat findings as a prompt to verify, not a guarantee of complete coverage.

Vladislav Marchenko

Head Of Marketing

Hi all! My name is Vlad and I’ve been brought on to head the marketing team at Flamingo. Thankfully, this isn’t the first time I will be building a marketing department from scratch, so the experience should come in handy. Now it’s time to dive into the world of MSPs and find myself in this new world.

More in Phase 4 — Monitoring & Policies

Related Content

Product Releases

Webinars

Case Studies

Blog Posts

Frequently Asked Questions

MSP AI Agents

Yes. In production MSP shops today, 10% to 25% of tickets close before a human opens them. Thread alone has processed 173 million tickets across 750-plus MSP partners at 96% triage accuracy, handing back 490,000-plus technician hours. Agents own the low-risk, high-volume work (password resets, MFA enrollment, known installs, onboarding and offboarding) and flag anything that touches production data or needs judgment for a human to take.
On a five-person desk, reported deployments show $78,000 to $130,000 in annual direct labor savings, roughly 30% fewer escalations, and 15% to 20% better SLA compliance. Broader MSP adoption data adds ticket handling time cut by 45% and five to 12 points of margin, all from reclaimed capacity rather than headcount cuts.

AI MSP

MSPs use AI to triage and route tickets, cut alert noise, schedule patches, assist L1 security work, and draft client reports. Kaseya's 2025 benchmark found 30% already use it to eliminate tedious tasks, with ticket triage the most common starting point.

AI Safety

It can be, with governance. Keep a human in the loop on high-risk actions, log every automated step for audit, and choose platforms that keep your data yours with no vendor lock-in. Pilot on internal data first so you catch issues before client systems are involved.

About OpenFrame

OpenFrame isn't built to plug into your stack. It replaces it. Instead of duct-taping a dozen tools together (RMM, MDM, SIEM, patching, remote access, each its own login and bill), we bundle it into one unified platform: RMM, MDM, monitoring, automation, remote access, patch management, security monitoring, and ticketing, plus built-in AI copilots. So "does it integrate with X?" usually means: you won't need X anymore.

Password Manager

Yes. Passbolt's Community edition is free under the AGPLv3 license with unlimited users, but you self-host it yourself. Paid Pro and Cloud tiers, starting around $5.40 per user monthly with a 10-seat minimum, add LDAP, SSO, and audit logs.

Open Source SIEM

Yes, Wazuh is free and open source with no per-agent or ingestion fees at any scale. The license costs nothing, but self-managed deployments still pay for log storage, infrastructure, and the engineering labor to tune and maintain the platform.

Endpoint Security

Bitdefender GravityZone is a cloud-native endpoint protection platform that combines prevention, EDR, and XDR in one agent and console. For MSPs, it adds multi-tenant management, so one team can protect and monitor every client's endpoints from a single dashboard.
Yes, for MSPs that want one vendor across endpoint, firewall, and managed detection. Sophos Central Partner gives true multi-tenant control, and MSP Connect Flex bills monthly by usage. Plan around occasional CPU spikes on busy servers and a console learning curve.

Sophos XDR

Sophos XDR is extended detection and response built on Intercept X. It correlates telemetry from endpoints, the Sophos firewall, email, cloud, and identity inside Sophos Central, then lets technicians hunt across that data with Live Discover queries.