← All projects

Security

Fleet-Wide Vulnerability Assessment

PowerShell · REST APIs · Risk Reporting

The problem

A critical vulnerability landed in a firewall platform deployed widely across the managed client base. The immediate questions every client would ask: am I exposed, how bad is it, and what are you doing about it. Answering manually meant checking every environment one at a time while the disclosure clock ran.

The approach

Automate the assessment, not the panic. PowerShell tooling enumerated the fleet through management APIs, checked every customer domain against the vulnerable configuration criteria, and classified each as affected or clear, with the evidence recorded for every verdict.

Build notes

  • Fleet enumeration through central management APIs rather than per-device logins
  • Assessment criteria encoded once, applied identically to every domain, so no environment got a different standard of scrutiny
  • Output: a structured dataset of every domain and verdict, plus per-client risk summaries written for the people who would actually read them
  • Every verdict traceable to the specific configuration evidence that produced it

Outcome

The entire managed fleet assessed in hours. The exposed subset was identified with a risk report ready for each affected account team the same day. Remediation started immediately instead of after weeks of manual auditing, and the clear majority got a documented all-clear instead of silence.

Lessons

  • Vulnerability response at fleet scale is a data problem before it is a security problem. Enumerate first, judge second.
  • An all-clear with evidence is a deliverable too. Clients remember who told them they were safe and could prove it.
  • Tooling built under incident pressure becomes permanent capability. The same pattern now answers the next disclosure faster.