Centralized Vulnerability Manager for MSPs

Last updated: December 23, 2025

The Centralized Vulnerability Manager (CVM) is an MSP-only capability in Cyrisma that enables centralized visibility and remediation across all customer environments from a single interface. CVM allows managed service providers to identify, prioritize, and remediate vulnerabilities without switching between individual client instances.

This article explains what CVM is, how it differs from instance-level Patch Manager, and when MSPs should use CVM versus per-instance remediation.


What Is CVM

CVM is the MSP-level vulnerability and patch management interface available at msp.cyrisma.com. It aggregates vulnerability and patching data from all customer instances that belong to the MSP.

CVM does not replace instance-level Patch Manager. Instead, it provides a centralized layer above individual instances to support MSP workflows that require cross-client visibility and bulk remediation.


Patch Manager Scope in Cyrisma

Patch management in Cyrisma exists at two distinct scopes.

Instance-Level Patch Manager

Instance-level Patch Manager operates within a single customer instance and applies only to hosts associated with that instance.

At this level, users can:

  • View root cause breakdowns for one customer

  • Schedule patches for that customer’s endpoints

  • Configure patch settings specific to that instance

  • Review patch history for that customer only

Instance-level Patch Manager is appropriate when remediation is handled independently per customer.


MSP-Level Patch Manager (CVM)

CVM operates at the MSP scope and aggregates data across all managed customer instances.

At this level, MSPs can:

  • View vulnerabilities and root causes across all customers

  • Identify shared risks affecting multiple clients

  • Schedule patches across multiple instances from one location

  • Review patch history spanning all customers

CVM is designed for MSPs managing multiple environments who require efficiency, consistency, and centralized control.


Centralized Visibility in CVM

CVM consolidates vulnerability data from every connected customer instance into a single dataset.

This includes:

  • Root cause aggregation across clients

  • CVE severity visibility across all environments

  • Affected asset counts by customer, OS type, or asset class

  • Patchable versus non-patchable root causes

This centralized visibility allows MSPs to quickly identify widespread issues, such as a vulnerable third-party application present across many customers.


Centralized Patch Execution

CVM enables MSPs to remediate vulnerabilities across multiple customers without entering each instance individually.

Capabilities include:

  • Bulk patching of supported third-party applications

  • Scheduling patches across multiple instances simultaneously

  • Applying consistent remediation actions across similar environments

Patch execution through CVM still respects:

  • Agent availability on target hosts

  • Instance-level patch configuration settings

  • Blackout hours and exclusion rules defined per instance

CVM orchestrates remediation but does not bypass instance-level controls.
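
The following is an added conceptual model of that rule, not Cyrisma code or its API: a bulk request made at MSP scope is filtered host by host through each instance's own controls. The class, field names, skip reasons, order of checks, and the choice to skip rather than defer hosts are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime
from typing import Dict, Optional, Set, Tuple

@dataclass
class Instance:
    # Hypothetical model of one customer instance and its own controls.
    name: str
    patching_enabled: bool = True                      # instance-level patch setting
    blackout: Optional[Tuple[int, int]] = None         # (start_hour, end_hour)
    excluded: Set[str] = field(default_factory=set)    # per-instance exclusion rule
    agents_online: Dict[str, bool] = field(default_factory=dict)  # host -> agent up

def in_blackout(window, hour):
    if window is None:
        return False
    start, end = window
    if start <= end:
        return start <= hour < end
    return hour >= start or hour < end                 # window wraps past midnight

def plan_bulk_patch(instances, when):
    """Return (scheduled, skipped) for one MSP-level bulk request at `when`."""
    scheduled, skipped = [], []
    for inst in instances:
        for host, online in sorted(inst.agents_online.items()):
            if not inst.patching_enabled:
                reason = "instance patching disabled"
            elif host in inst.excluded:
                reason = "excluded by instance rule"
            elif in_blackout(inst.blackout, when.hour):
                reason = "instance blackout hours"
            elif not online:
                reason = "agent unavailable"
            else:
                scheduled.append((inst.name, host))
                continue
            skipped.append((inst.name, host, reason))
    return scheduled, skipped

# Constructed sample data; customer and host names are made up.
SAMPLE = [
    Instance("acme", blackout=(22, 6), agents_online={"ws1": True, "ws2": True}),
    Instance("globex", excluded={"db1"},
             agents_online={"db1": True, "app1": True, "app2": False}),
    Instance("initech", patching_enabled=False, agents_online={"pc1": True}),
]

if __name__ == "__main__":
    ok, held = plan_bulk_patch(SAMPLE, datetime(2025, 1, 15, 23, 0))
    print("scheduled:", ok)
    print("skipped:", held)
```

Recording the skip reason for every host keeps the gap between what was requested at MSP scope and what each instance allowed visible for later review.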


Centralized Patch History

CVM provides a unified patch history view that spans all managed customers.

This allows MSPs to:

  • Track remediation actions across clients

  • Review patch success and failure trends

  • Correlate remediation activity with vulnerability reduction over time

  • Support internal reporting and operational audits

Patch history remains authoritative at the instance level, but CVM provides a consolidated view for MSP oversight.


Relationship to Agents and Scanning

CVM does not perform scanning or patching directly.

Its functionality depends on:

  • Cyrisma agents deployed within each customer instance

  • Completed vulnerability scans at the instance level

  • Patch Manager eligibility based on scan results

CVM consumes scan and agent data generated within each instance and presents it in a centralized format. If agents are not deployed or scans are not running in a customer instance, CVM will not show actionable data for that environment.


CVM vs Instance-Level Patch Manager

Use CVM when:

  • Managing remediation across multiple customer environments

  • Identifying common vulnerabilities affecting many clients

  • Performing bulk patching at scale

  • Monitoring remediation progress across the MSP portfolio

Use instance-level Patch Manager when:

  • Working on a single customer in isolation

  • Applying customer-specific remediation policies

  • Reviewing detailed patch history or configuration for one environment

  • Managing exceptions or operational nuances unique to that customer

Both interfaces operate on the same underlying data and remediation engine. CVM provides scale; instance-level Patch Manager provides granularity.


Scope and Limitations

  • CVM is available only to MSP accounts

  • CVM does not override instance-level permissions or exclusions

  • CVM does not introduce new remediation capabilities beyond Patch Manager

  • CVM does not include sales, billing, or partner enablement features

CVM is a management layer, not a separate remediation system.


Summary

Cyrisma’s Centralized Vulnerability Manager allows MSPs to manage vulnerability remediation and patching across all customer environments from a single location. By aggregating root cause data, enabling bulk patching, and centralizing patch history, CVM supports efficient MSP operations while preserving instance-level controls and configurations.

For MSPs managing multiple clients, CVM is the primary interface for coordinated remediation.