Overview
The Security module is organized into three main tabs:Compliance
View security compliance events and alerts from your clients
Vulnerabilities
Track software vulnerabilities with CVE details and CVSS scores
Endpoints
Monitor devices and endpoints across your client base
Accessing the Security Module
Select a Tab
Use the tabs at the top to switch between Compliance, Vulnerabilities, and Endpoints views.
Prerequisites
Before using the Security module, you must:- Set up the Cork integration - Connect your Cork account via Settings > Integrations
- Map clients to companies - Link your Cork clients to MSPortal companies
- Run initial sync - Allow the initial data sync to complete
Data is automatically synced from Cork on a regular schedule. Compliance events sync every 30 minutes, and other data types sync hourly.
Compliance Tab
The Compliance tab displays security compliance events from Cork, including alerts and findings that require attention.Filtering Compliance Events
Use the filters to narrow down compliance events:| Filter | Description |
|---|---|
| Company | Filter by specific company |
| Event Type | Filter by compliance event category |
| At Risk | Show only events marked as “at risk” |
| Resolved | Filter by resolved/unresolved status |
| Date Range | Filter by when the event was created |
Understanding Compliance Events
Each compliance event includes:- Event Type - The category of compliance finding
- Entity - The affected device, inbox, or domain
- Status - Whether the item is at risk or OK
- Resolved - Whether the issue has been addressed
- Created Date - When Cork first detected the issue
Vulnerabilities Tab
The Vulnerabilities tab shows software vulnerabilities detected across your client endpoints, complete with CVE identifiers and severity scores.Vulnerability Details
Each vulnerability entry includes:| Field | Description |
|---|---|
| CVE ID | The Common Vulnerabilities and Exposures identifier |
| Software | The affected software product and version |
| CVSS Score | Severity score from 0.0 to 10.0 |
| Priority | Cork’s recommended remediation priority (Critical, Accelerated, Routine) |
| Known Exploited | Whether this vulnerability is actively being exploited in the wild |
Filtering Vulnerabilities
Available filters include:- Search - Find vulnerabilities by CVE ID or software name
- Company - Filter by specific company
- Priority - Filter by Critical, Accelerated, or Routine
- Known Exploited - Show only actively exploited vulnerabilities
- CVSS Range - Filter by minimum/maximum CVSS score
Endpoints Tab
The Endpoints tab provides visibility into all devices and endpoints synced from Cork.Endpoint Information
Each endpoint entry displays:- Device Name - The name of the device
- Hostname - The network hostname
- Operating System - OS type and version
- IP Addresses - Network addresses
- Last Seen - When Cork last received data from this endpoint
- Company - The associated client company
Filtering Endpoints
Use the search bar to find endpoints by:- Device name
- Hostname
- IP address
Bulk Actions
You can select multiple items across any tab to perform bulk actions:Select Items
Click the checkbox next to items you want to act on, or use the header checkbox to select all visible items.
Adding Items to Planner
Convert security findings into actionable work items by adding them to the Planner. See the Adding Security Items to Planner guide for detailed instructions.Related Resources
Cork Integration Setup
Connect your Cork account to MSPortal
Add to Planner
Convert security findings into planned work
Planner
Manage and track planned security work
Reporting
Include security data in client reports