Agent 2.0, New Linux CVE Data, and the Future of Autonomous Endpoint Management

Summary

In this episode of the Product Talk podcast, Peter Pflaster and Steph Rizzuto discuss significant enhancements to the Automox platform, focusing on the new Fast-Agent and updates the Automox tray. They explore improvements in backend connectivity, user experience, and vulnerability management, emphasizing the importance of autonomous endpoint management and better patch compliance. The conversation also highlights new implementations for enhanced Linux CVE coverage, and the future vision for Automox's offerings.

Transcript

Peter Pflaster (00:00)

Hello and welcome to the January edition of the Product Talk podcast on the Automox Autonomous IT podcast network. Today we're going to dive deep into some of the stuff that you've probably seen some buzz around in the last month or so. We're going to be talking about some back-end improvements to the Automox agent. So totally re-imagined Automox agent with Fast-Agent.

We're also going to be talking about some front end end user facing improvements with the agent to improve the end user experience there. And also some work that we're doing to get you better vulnerability data to help you get in front of threat actors. I'm Peter Pflaster with my co-host here, Steph from the Product Team. Let's go ahead and dive in.

So today we're going to be talking about Fast agent. If you're an Automox customer and you've already been upgraded, you'll see it listed as Agent 2.0 in your console. And that's done to reflect the complete overhaul that we've had to the agent technology on the back end to deliver industry leading speed, reliability, and control. We got Steph on today. She has been pretty integral in building out some aspects of this agent product.

project, including the Automox tray, which we'll talk about in a few minutes here. But first, just want to talk at a high level about some of the improvements that we've made to the back end stuff. Curious if you could just outline maybe the top three or four things that we've done with the Fast agent release that's rolling out right now.

Steph Rizzuto (01:35)

Yeah, sure. You know, we've done a lot. It's been kind of an exciting time to be on the agent team. We have real time device connectivity status for better visibility. So giving you, you know, those real time things of what's happening with your device. We also have duplicate command prevention to avoid conflicts and unexpected reboots. That's been a problem area in the past that we're really excited that this iteration is going to address.

And just the more scalable and reliable backend communication, we switched out the protocol that we were using to something that's going to make the agent itself more reliable, more dependable, and really scale and give us some efficiencies there.

Peter Pflaster (02:20)

Awesome. Yeah, I think when we talk about the platform and the agent, right, if you look at all the other endpoint management tools out there, it's a pretty broad spectrum, right? A lot of people are still using tools from the 90s or early 2000s that require VPN connections or devices to actually be on-prem in order to manage them. We're entirely built in the cloud from the beginning.

Our agent has always been able to operate with just an internet connection, but we're really trying to benchmark, you know, our agent performance and connectivity control, reliability, et cetera, against ourselves. And we really want to continue to be the industry leader there.

So a lot of these changes that we're making are really with our long-term vision in mind, which is helping organizations to realize this vision of autonomous endpoint management. And the changes that we're making with Fast-Agent are really being done to make our agent as independently intelligent as possible.

If I have to describe that in layman's terms to someone, it's really about making the agent a little bit more self-aware and less reliant on the management console.

So if you're using a legacy tool, like a Microsoft management tool, for example, the agents may be very reliant on the management console, telling it what to do every hour, every six hours, et cetera. And a lot of these changes are trying to lay the foundation to helping the agent to be a bit more autonomous and operate.

on its own, even if the internet connection isn't as reliable or consistent as it should be in an ideal world. One of the cool changes there, I think, is the reconnection delay configuration.

So customers with high security environments are using a tool like Cisco ISE, for example, can actually reconfigure the agent so the connectivity success is higher in those high kind of security environments. And then to Steph's point, some of the changes that we made to help.

reduce duplicate commands and make the agent aware of a history of the commands on the device should also help to make our agent a bit more autonomous, so to speak.

So I think the backend is really important. But of course, the stuff that usually gets the headlines is things that people can see and touch. And one of the big projects that Steph and team have been working on is the Automox tray. Could you just give us a really high level of what that's going to look like initially for customers?

Steph Rizzuto (05:21)

Yeah, sure. So the tray is our conduit kind of to the end user. So we are going to completely overhaul the end user notifications that we have today. We moved to this persistent tray. And I think one of the really important things that it's going to feature right up that is a deadline based approach as opposed to the deferrals so that the end user just has a really clear idea of what action they need to perform and when.

and then giving them that flexibility to do that at a time that works for them. You can see the deadline at any time that the IT admin sets for the policy window, the end user can go in and perform those actions and kind of eliminating this unexpected reboots or having to reboot at a time, sorry, before a meeting, but you've used up your last deferral. So it's really the use case that we've targeted at the beginning of this and that the first iteration of the tray.

kind of aims to solve. But beyond that, we have a whole vision for what this could turn into. You're going to see things like allowing custom branding, things like that, your company's logo, any kind of messaging you want to put in there. The ability to be more transparent to the end user is a big use case that we've heard showing what updates are being installed and letting them know what's actually happening behind the scenes and then all the way to just self-service.

you know, being able to install software and things like that, being able to report an issue directly from the tray, have an issue, report it. We can collect all that data in the background and we have that. So the tray, the first part of it really solves for some pain points around more flexibility when it comes to reboots, knowing when those kinds of things have to happen, but the end vision is like much greater. And this is just kind of our first step at that.

And you'll see us working throughout the year to make the tray even more useful to the IT admins and to the end user themselves. So we're really excited about this initiative.

Peter Pflaster (07:30)

Excellent. Yeah, that's really exciting. Will this be for just certain devices or will it cover both Windows and Mac?

Steph Rizzuto (07:39)

So this gonna cover both Windows and Mac. So we'll have kind of comprehensive coverage there across those two operating systems and anything that we release for Mac will release in tandem with Windows.

Peter Pflaster (07:52)

Awesome. Yeah, I think one of the trends that we've seen is as the modern workforce becomes more tech savvy, they're demanding a bit more information from IT. And it's pretty exciting that we're releasing this modernized Automox tray to improve folks' digital experience while also helping IT to meet all those SLAs that they're probably obligated to meet either from

you know, an external compliance perspective or within their own corporate organization.

Steph Rizzuto (08:26)

Yeah, like you said, it's kind of a shift, you know, even from when I first started here, when we first kind of delved into this, was, you know, the end user doesn't need to know about us and we're super invisible to them. And then the more research we did, the more we found like, that's actually not what the market is demanding and what our customers are wanting. They want that increased visibility. They want to know what updates are being installed and things like that. So it's a shift and we're excited to kind of.

you know, get ahead of it, so to speak, and have this functionality.

Peter Pflaster (08:59)

Yeah, the great thing about this, talking to a lot of IT administrators, they want to be able to get as much done as possible, right? And when they have to take out a band time to go and help an end user with something or communicate reboots or required patches via email, I mean, that's a lot of extra time.

And this is really a lot more automated approach, it seems like, right? Like we, our notification system already works like this, but with the modernized UI, it'll basically show reboot notifications, just based on the patch policies that have already been configured by administrators. So it's really no additional administrative overhead.

Steph Rizzuto (09:43)

Yeah, this should greatly reduce the back and forth that the IT admin has right now with their end users. That's definitely one of the goals and something that I really think we'll accomplish with this release, even just with the first release, you know.

Peter Pflaster (09:59)

Sweet. Yeah, really excited to see that come out. And then obviously all the planned work after that to start to make that the real hub for end users and managing digital experience of Automox. That's going to be really exciting. I'm sure we'll have more in future podcasts on that as well.

Yes, I think that really sums up at a high level a lot of the agent enhancements. Like I said, there's a lot of announcements coming out from our side. By the time you're listening to this, you probably will have seen the announcements for everything we're talking about today. If you're a customer prospect, we also

Send out newsletter emails where we talk about things that we've built or are about to release. So that's another really great source. If you don't regularly listen to the podcast, if you can tune into those newsletters. So ton of great, great improvements there. Like I said, ultimately just making the agent more reliable

less required effort from the administrator to keep things running smoothly and then getting better patch compliance ultimately through the Automox trays is going to be huge. The other thing that I want to talk about is actually in a similar vein to getting better patch compliance. And that's a problem that we've started to observe really over the last year, honestly, but it's kind of compounded.

I'm a bit surprised that it's gone on this long, but NVD is well over 30,000 CDEs behind in actually adding additional context to those vulnerabilities. We're probably not going to talk about the why behind that or what our theories are there, but.

you know, the effect on administrators and IT teams is the same regardless of the reason. You know, they're 30,000 CVEs behind. That makes it hard for IT and security to take a risk-based vulnerability management approach. So what we have done and what we're releasing very soon here is enhanced CVE coverage. So...

Initially, that's going to be with better CVE data, so severity data context, for CentOS and Amazon Linux. And then we'll eventually expand to six more flavors of Linux in addition to what we already have robust coverage for today. So think Oracle Linux, Alma, Fedora, SUSE as well are all going to be getting enhanced data.

Steph Rizzuto (12:40)

Yeah.

Peter Pflaster (12:45)

Really, we're just trying to help teams to better understand what they need to fix, especially folks that are running severity-based patch policies. So I guess I'm curious, Steph, if you could kind of talk about, obviously, we've got what's coming very soon, which is the enhanced data from that side. But I think this is just the beginning for us. And if you could kind of talk a little bit about how we're getting that data.

Steph Rizzuto (13:14)

Yeah.

Peter Pflaster (13:14)

today

and then what the future vision could look like there.

Steph Rizzuto (13:19)

We're super excited to partner with VulnCheck So where we're starting with is our Linux coverage and kind of like Peter said, we're going to round out coverage. So we fully support all the distros that our customers are using. And you know, that in and of itself is exciting, but we're also going to get

you know, more comprehensive coverage for Mac. We'll get more details than we had today. And like Peter alluded to, you have the problem with NVD on like the speed at which they're getting the vulnerabilities. We're seeing these come in a lot quicker with phone checks. So you're able to, you know, prioritize based on that. And you can kind of count on that because you know that you're having the most up-to-date info. And then once we kind of get through the Mac and more,

more comprehensive coverage there, then we'll start looking into our third party data. And I think that's really exciting for us. You know, we support some browsers today and a couple of other top party, but this is going to give us more comprehensive coverage of the third party apps that people are using. And it's going to allow them to leverage features inside the product that they can't today. Cause you know, we don't have that data. So really just rounding out like our vulnerability management.

program as a whole and allowing folks to prioritize based on criticality, take advantage of those patch policies and things like that. And having that extend to third party is going to be huge for us and we're really excited about that.

Peter Pflaster (14:53)

Yeah, I think what I'm most excited for, apart from continuing to expand that data across everything that we already cover from a patch perspective today, is just benchmarking against ourselves once again. So we talked about with the agent how we're really trying to improve what we already do today rather than comparing it to the industry and just being satisfied with comparing the legacy tools.

You know, for us, partnering with VulnCheck was huge because with the vulnerability data from VulnCheck, businesses should be able to prioritize CVEs on average 14 days faster than if they were using the NIST NVD data, which is sort of what most...

of the other market does today. So this is not only gonna help you as an IT leader, IT administrator be way ahead of the curve compared to your peers, but it should also help you to be ahead of threat actors and people that are actually looking to exploit these vulnerabilities.

So today we talked about really a couple of huge enhancements to the back end of the platform with lot of the agent improvements, as well as what end users will actually be interacting with on a day-to-day basis, all the way down to the vulnerability data that really drives your patch management program.

To find out more information on this, check out our website, our press releases. If you want to stay up to date on this information, definitely sign up for our monthly newsletter where we cover all this in depth as well. And obviously the podcast, of course, we'll be talking about everything new that's coming. We have a lot of exciting stuff coming down the pike. So Steph and I will be on every month getting you the latest on what's coming and what's just been released.

Thanks everybody for listening. We'll be back next month with a ton of new updates. Looking forward to it. Hope you all have a great February.

Steph Rizzuto (17:03)

Bye guys.