A user received a compliance alert about the "built-in" local Windows administrator account being in the local administrators group, which is a default and mandatory setting. There was discussion about how to deal with this issue and suggestions were made to check and exclude items in the scanning template. One user suggested that the setting could be more useful if it could identify other accounts and ignore the built-in "administrator" account. The issue was passed on to the secure DX PM.
Read the entire article here...
ControlUp for Compliance (Secure DX)
ControlUp for Compliance (Secure DX) training and support-related archives from inside the ControlUp Community on Slack.
Automating the Deployment of ControlUp for Compliance
A user asked about automating the deployment of ControlUp for Compliance (formerly known as Secure DX) for new physical machines. Another user shared a script that could run the installation silently. The script can be found at https://cdn.spm.controlup.com/agent. Instructions were provided on checking for the latest version and running the script if necessary.
Read the entire article here...
Read the entire article here...
ControlUp for CVE Remediation in Large Organizations
A user inquired about using ControlUp for remediating CVEs in their organization with 40k+ devices. They were looking for a proposal template to use and announced their plan to target the most vulnerable devices first in batches. Another user shared that they have been patching their devices on a monthly basis and asked about others' patching schedules. A response mentioned that they encountered some issues related to scheduling but they have since been fixed and the product has been stable for months. The user then thanked them for the feedback.
Read the entire article here...
Read the entire article here...
Configuring Risk Levels in ControlUp Secure DX/Apps
A user asked if it is possible to define the risk levels themselves under Secure DX/Apps. Another user responded that currently risk scores are not configurable and are based on factors such as CVE scores and number of affected devices. This means that they are unable to change the risk levels at this time.
Read the entire article here...
Read the entire article here...
OS Compliance and Update Dashboard in ControlUp for Desktops
Some members discussed the possibility of having an OS Compliance and Update Dashboard in ControlUp for Desktops. Currently, this function is available through ControlUp for Compliance, with support for Windows, macOS, and Linux being planned. There were discussions about making this feature available in the base ControlUp for Desktops product, but it is not confirmed. The link to upvote for this feature can be found on the post tagged as "Have an idea? Share it!".
Read the entire article here...
Read the entire article here...
Outlook Classic Freezing and ControlUp’s Roadmap for Root Cause Analysis
A user noticed that 3pm-3:59pm had many employees experiencing Outlook Classic freezing. ControlUp may have further analysis of incidents like this on their roadmap and it is suggested to contact @member for further information. Deeper analysis is expected in Q2 2025.
Read the entire article here...
Read the entire article here...
Issue with Page Refresh on Secure DX
Several users reported experiencing a page refresh every 30 seconds on Secure DX, even when Auto-Refresh was not enabled. Some users tested on different tenants and found that the refresh only occurred with Auto-Refresh enabled. After some troubleshooting and guidance from @member Joel, it was discovered that using the "empty cache and hard refresh" option in developer tools could fix this issue. It appears the refresh was caused by items left in local storage.
Read the entire article here...
Read the entire article here...
ControlUp Scripts for Intune Compliance Checks
A user is interested in a ControlUp script to force an Intune Compliance Check on a Windows Device. While there is no official script available, it is a potential future roadmap item for Secure DX. Other users suggest creating a PowerShell script and setting it as an action on the device. A recommendation is made to include a check that ensures the correct components are installed on the device.
Read the entire article here...
Read the entire article here...
Understanding Remediation Availability in ControlUp
A user asked about the availability of remediation for certain devices and wondered if it was due to updates from ControlUp. It was clarified that remediation will only be available if there is either a pre-made remediation in the ControlUp catalog or if a custom issue has been added to an out of box scan without a catalog remediation. The blog posts https://www.controlup.com/resources/blog/enhance-endpoint-security-with-custom-issues-and-os-patching/ and https://www.controlup.com/resources/blog/expand-endpoint-security-use-cases-with-secure-dx-custom-issues/ provide more information on custom issues and their benefits for endpoint security.
Read the entire article here...
Read the entire article here...
Experiences with Using SecureDX for Golden Image Patching in VDI
Users discussed their experiences with using SecureDX to patch golden images in VDI, including issues with scans and remediation. Suggestions were given to check logs and potentially disable the CDN. A newly released version of SecureDX may have fixed the issues. Using manual deployments or quick uninstall/reinstall of the agent was suggested.
Read the entire article here...
Read the entire article here...