Skip to content
All Skills

Performing Endpoint Vulnerability Remediation

Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches, applying configuration changes, and validating fixes. Use when remediating findings from vulnerability scans, responding to critical CVE advisories, or maintaining endpoint compliance with patch management SLAs. Activates for requests involving vulnerability remediation, CVE patching, endpoint vulnerability management, or security fix deployment.

Security & Compliance|v1|Updated 7/2/2026|GitHub source
MCP get_skill({ skillId: "performing-endpoint-vulnerability-remediation-16c9fde8" })

Use this skill with your agent

Create a free account and connect via MCP

Get Started Free
# Performing Endpoint Vulnerability Remediation

## When to Use

Use this skill when:
- Remediating vulnerabilities identified by scanners (Nessus, Qualys, Rapid7)
- Responding to zero-day CVE advisories requiring immediate patching
- Maintaining compliance with patch management SLAs (critical within 14 days, high within 30 days)
- Building a prioritized remediation plan from vulnerability scan results

**Do not use** this skill for vulnerability scanning itself (use scanning tools) or for application-layer vulnerability remediation (use DevSecOps processes).

## Prerequisites

- Vulnerability scan results (Nessus, Qualys, or Rapid7 export in CSV/XML format)
- Patch management platform (WSUS, SCCM, Intune, or third-party like Automox)
- Administrative access to target endpoints or deployment infrastructure
- Change management process for production endpoint patching
- Testing environment for patch validation before production rollout

## Workflow

### Step 1: Import and Prioritize Vulnerability Findings

```
Priority scoring combines:
1. CVSS Base Score (0-10)
2. EPSS (Exploit Prediction Scoring System) - probability of exploitation
3. CISA KEV (Known Exploited Vulnerabilities) catalog membership
4. Asset criticality (business impact of affected endpoint)
5. Network exposure (internet-facing vs. internal)

Priority Matrix:
  P1 (Critical - 14 days SLA):
    - CVSS >= 9.0 OR
    - Listed in CISA KEV OR
    - Active exploitation in the wild + CVSS >= 7.0

  P2 (High - 30 days SLA):
    - CVSS 7.0-8.9 AND
    - EPSS > 0.5 (50% probability of exploitation)

  P3 (Medium - 60 days SLA):
    - CVSS 4.0-6.9 OR
    - CVSS 7.0-8.9 with EPSS < 0.1

  P4 (Low - 90 days SLA):
    - CVSS < 4.0 AND
    - No known exploit
```

Continue reading

Sign up for a free account to view the full skill content

Login / Register
#mukul-cybersecurity-skills#security#cybersecurity#vulnerability#management
Performing Endpoint Vulnerability Remediation - AgentArmory Skill — AgentArmory