You know the drill: security team finds a critical vulnerability, creates a ticket, tosses it to IT. Meanwhile, you're chasing users to update apps while that vulnerability sits unpatched across your fleet for weeks.
It's a frustrating cycle that leaves everyone playing catch-up and according to Verizon's latest report, most organizations take over 30 days to patch just 15% of critical vulnerabilities. At the 55-day mark? Half are still unpatched.
That disconnect between finding vulnerabilities and actually fixing them has been driving IT and security teams crazy for years. At Kandji, we’re announcing something that changes that completely.
Vulnerability Response: Detection Meets Remediation
We just launched Vulnerability Response - the missing link between finding vulnerabilities and automatically patching them. Here's how it works:
Set your rules based on CVE severity, scope it to your devices, and critical vulnerabilities get patched automatically within 24 hours. No tickets, no manual coordination, no chasing users around.
It's integrated directly with our Auto Apps catalog (200+ business applications), so any vulnerable app gets updated automatically based on the rules you set. Critical vulnerabilities move fast, lower-risk patches can wait, and users don't get bombarded with constant update notifications.
For lean IT and security teams tired of juggling multiple tools and throwing tickets over the fence, this finally closes the gap between vulnerability detection and remediation.
Why This Matters
Vulnerability management has always been a people and process problem disguised as a technology problem. You can have the best scanning tools in the world, but if it takes weeks to coordinate patches across teams and tools, you're still exposed.
Automated remediation isn't just about speed - it's about freeing your team to focus on strategic work instead of reactive, manual tasks.
More about the Vulnerability Response Release.
What's Actually Targeting Your Computers Right Now
Speaking of staying ahead of threats, our quarterly threat intelligence report just dropped with some interesting discoveries from our security research team:
AMOS stealer is now impersonating Loom (the video app everyone uses for screen recordings). If you see a suspicious "LoomSetup" file, don't click it.
Phishing PDFs targeting gamers are on the rise, especially going after younger users with promises of digital currency for Roblox and Minecraft. Our threat hunters have classified hundreds of these samples to stay ahead of variants.
AppleProcessHub stealer leverages Apple's own Grand Central Dispatch framework, making detection more nuanced since it's using legitimate system tools maliciously.
The bigger picture? Attackers are getting smarter about blending in with legitimate software and system processes. But Kandji EDR is getting smarter too - behavioral analysis that can distinguish between legitimate use and malicious abuse of these tools.
Get the full Threat Intelligence Report.