Skip to content
CapaSystems Docs

Security Monitor

CapaOne Security Monitor provides centralized visibility into the security posture and vulnerability exposure of endpoints across your organization. By combining endpoint configuration monitoring with vulnerability intelligence from the NIST CVE database, it helps administrators identify risks early and prioritize remediation.

Security monitoring overview

Section titled “Security monitoring overview”

Security Monitor continuously evaluates critical endpoint security configurations and software vulnerabilities.

Configuration monitoring includes controls such as:

  • Antivirus protection
  • Disk encryption
  • Firewall status
  • Operating system update compliance
  • Local administrator exposure
  • Pending reboot status

In addition, the solution identifies vulnerable software using data from the NIST National Vulnerability Database (NVD) and associated Common Vulnerabilities and Exposures (CVEs), synchronized daily.

By combining configuration health monitoring with vulnerability intelligence, Security Monitor enables organizations to maintain a consistent security baseline across endpoints and reduce overall security risk.

Security Dashboard

Section titled “Security Dashboard”

Security Dashboard summarizing endpoint security configuration status

The Security Dashboard delivers a unified overview of endpoint security health.

Visual summaries highlight the status of key security configurations, allowing administrators to quickly identify endpoints that are misconfigured, outdated, or exposed to potential risks.

This provides immediate insight into areas requiring attention and supports proactive security management.

Vulnerabilities

Section titled “Vulnerabilities”

The Vulnerabilities section focuses on software-related security risks detected across the environment.

Using vulnerability intelligence from the NIST CVE registry, Security Monitor identifies:

  • Vulnerable software
  • Impacted endpoints
  • Associated severity levels

Exposure can be analyzed by endpoint, software, or individual CVE, enabling structured investigation and informed remediation planning.

Endpoint Security

Section titled “Endpoint Security”

Endpoint security overview with inventory and vulnerability details for a device

Security Monitor extends visibility directly to individual devices.

Each endpoint includes a summarized security overview together with detailed inventory and vulnerability insights. Device-level views allow administrators to analyze configuration status, identify vulnerable software, and review detected CVEs affecting a specific endpoint.

This ensures that organizational security monitoring and endpoint investigation are seamlessly connected within a single security workflow.

Security visibility and control

Section titled “Security visibility and control”

Together, these capabilities provide both high-level oversight and detailed investigative insight, enabling organizations to reduce vulnerability exposure and maintain secure, compliant endpoint environments.