Seán O'Halloran04/24/2020, 3:25 PM
It correctly added my machine to the label, but after removing the USB it hasn’t updated. The wording on your website implies that you can use labels to dynamically detect which machines are running vulnerable software:
SELECT path FROM mounts LEFT JOIN block_devices ON mounts.device = block_devices.name WHERE block_devices.type="USB"
zwass04/24/2020, 3:38 PM
Seán O'Halloran04/24/2020, 3:46 PM
sundsta04/24/2020, 3:54 PM
zwass04/24/2020, 6:47 PM