Skip to content

Overview

ClearFix Logo

Introduction

Welcome to ClearFix! The vulnerability management tool that integrates seamlessly with your processes and procedures. Below you will find an overview of the workflow in the platform, as well as a list of what all of the key areas of the platform do at a glance. Be sure to check out the other pages of the documentation to see more specific details on how to use each utility in the tool; these can be found in the sidebar on the left.

The Workflow

Identify

Identify vulnerabilities affecting your estate and pull them into ClearFix automatically. Simply launch a scan with your preferred vulnerability scanning tool using ClearFix and wait for the vulnerabilities to come rolling in. Our platform will let you view, track, and fix vulnerabilities without the need for complicated and time-consuming workflows.

Have pentest results that you also want to track? Great! Fill out our ‘Pentest CSV’ with the results from your test and upload them, ClearFix will do the rest.

Track

View all of your vulnerabilities in one place, no more endless trawling through spreadsheets and reformatting CSV files. Once a scan has been pulled into the platform, you’ll have full access to details for the vulnerabilities that have been detected, along with options for managing the vulnerabilities in alignment with your organisation's risk appetite.

When viewing vulnerabilities you’ll be able to manage all aspects of them, including (but not limited to):

  • Accepted severity
  • Marking false positives for specific assets
  • Advice for how best to mitigate the vulnerability
  • Communication with your team around the vulnerability
  • SLA times for fixes

You can also add rules to specific vulnerabilities; say that you have assessed and are willing to accept the risk for an outdated version of software, you no longer have to deal with the same vulnerability every you receive the results of a scan. When marking a vulnerability as a false positive or downgrading its severity, simply add a rule to determine what is done with the vulnerability in the future.

Fix

ClearFix allows you to push fixes directly to your vulnerable machines. As soon as you’re ready to mitigate a vulnerability, simply follow our fix workflow to either push a fix to a machine or handle the mitigation with an external tool.

ClearFix can be used to deploy both pre-built and custom fix workflows that you have created; these are managed in the platform with no need for several tools to address the same problem. If you prefer to handle your vulnerabilities externally, the platform also integrates seamlessly with ticketing systems like Jira to empower your organisation to address vulnerability management through your existing processes and procedures.

The Platform at a Glance

  • Dashboard
    • See all of the vulnerabilities affecting your estate at a glance
  • Scans
    • Manage existing scans
    • Trigger new scans
    • Upload outputs from scans
    • Upload outputs from penetration tests
    • View the results of scans
  • Vulnerabilities
    • View all vulnerabilities on your estate
    • Manage overall vulnerabilities
  • Scheduled scans
    • Schedule new scheduled scans
    • Manage existing scheduled scans
  • Scanners
    • Add new scanners from your vulnerability scanning platform
    • Manage existing scanners added from your vulnerability scanning platform
  • Approvals (Admin only)
    • Approve requests from analysts for false positives, fix advice, severity changes, etc.
  • Agents
    • Download the agent installer
    • Create new agents
    • Manage existing agents
  • Assets
    • View existing assets
    • Manage existing assets
  • Fixes
    • View existing fixes uploaded to the platform