Security Scanner
The Security Scanner sits under Insights → Security and gives you a compact, cross-fleet view of every server’s OS package security state — total packages, available updates, and CVE counts split by severity.
Where Vulnerabilities is the “which CVEs should I fix first” view, Security Scanner is the “which servers are behind” view.
What you see
Section titled “What you see”A per-server table of the latest scan on every online host:
- Server — hostname, links to the server page.
- Packages — total installed packages seen by the agent.
- Updates available — packages with a newer version in the distro repos.
- Critical / High / Medium / Low — active CVE counts per severity.
- Total — sum across severities.
- Scanned — how long ago the scan ran.
The header shows fleet-wide totals: servers scanned, plus critical / high / medium / low counts summed across all hosts.
Expanding a row reveals the vulnerable packages found on that host — package name, installed version, fixed-in version, and the CVEs each package resolves.
What you can do
Section titled “What you can do”- Trigger a scan for a specific server from its row (requires the agent’s packages plugin, v1.0.43+).
- Jump to the server to see per-package detail and the Fix action that queues a package update.
- Filter and sort — order by critical count to see the worst offenders first, or by “updates available” to see the most out-of-date hosts.
How it works
Section titled “How it works”The agent reports the installed package inventory on every full sync. HostAtlas matches it against public CVE feeds and stores a per-server security scan record with the counts you see here. A scan takes a few seconds server-side once the inventory is uploaded — there is no long-running scanner on the box.
Because the underlying data is the same as Vulnerabilities, the numbers reconcile: the sum of Critical across all rows here equals the Critical KPI on the Vulnerabilities page.
If a server has no scan yet, either the agent is too old or the packages plugin hasn’t reported in yet. The row shows an empty state with the required agent version.
Related
Section titled “Related”- Vulnerabilities — the CVE-first cut of the same data, with KEV highlighting and top-10 CVEs.
- Recipes — one-shot scripts you can build from a finding to install updates.
- Compliance Hub — the umbrella that groups security posture with policy adherence and audit findings.