The advanced Patch Trackers
Every Microsoft update, ranked by what attackers are actually exploiting, not just by age or raw CVSS. The Patch Tracker reads Microsoft's own data, ties each missing KB to the CVEs it fixes, and weights the whole picture by CISA KEV and EPSS. Please take a look!
Shavlik questions, answered
If you came here searching for a Shavlik scan or the Shavlik patch scanner, here is the short version. The original Shavlik scanning engine, HfNetChk, grew into NetChk Protect and SCUPdates. Shavlik Technologies was acquired by VMware in 2013, and the Shavlik patch products are now part of Ivanti. The Shavlik name and those products belong to Ivanti today.
I am Mark Shavlik, the person who created that first scanner. The work here is all-new code under my own name at Senserva: a modern scan of the patch and CVE state across your Microsoft 365 estate, Intune, Defender for Endpoint, and Azure Update Manager, ranked by what is actually being exploited using CISA KEV and EPSS. It is not the Ivanti product, and it does not deploy patches. It tells you what is missing and what is exploited, then sits alongside Intune, Ivanti, or your RMM.
Yes. As the creator of HfNetChk and the basis for the Microsoft Baseline Security Analyzer (MBSA), I now offer a modern scan at Senserva: it reads the patch and CVE state across Microsoft 365, Intune, Defender for Endpoint, and Azure Update Manager, and ranks what to fix first by CISA KEV and EPSS.
No. The original Shavlik engines (HfNetChk, NetChk Protect) went to VMware and now live on through Ivanti for patch deployment. The patch lineup here is all-new code from Mark Shavlik and his team, focused on the modern problem: knowing the patch and CVE state across a cloud-era Microsoft estate and ranking what to fix first by real-world exploitation.
No, not yet. We are focused on supporting compliance, which requires solid patch management first: knowing the patch and CVE state and ranking what is actually exploited. The Patch Tracker and CVE tools do that today, and sit alongside whatever you deploy with (Intune, Ivanti, your RMM).
Mark Shavlik founded Shavlik Technologies, which built HfNetChk, NetChk Protect, and SCUPdates. The company was acquired by VMware in 2013, and those patch products are now part of Ivanti, still a leader in patch deployment. Mark and his team now build Senserva, a modern Microsoft 365 security and patch-intelligence platform.
Mark Shavlik is the founder and CEO of Senserva. He was an early engineer on the Microsoft Windows NT kernel team, then founded Shavlik Technologies, where he created HfNetChk, the hotfix and patch scanner that became the basis for the Microsoft Baseline Security Analyzer (MBSA).
HfNetChk was the Shavlik network hotfix checker that scanned Windows machines for missing security patches. Microsoft licensed the engine as the basis for the Microsoft Baseline Security Analyzer (MBSA). Both are retired today; the modern equivalent for Microsoft 365 is Senserva's patch and CVE intelligence, ranked by CISA KEV and EPSS.
Senserva's Patch Tracker and CVE and vulnerability management read the patch state across Microsoft Intune, Defender for Endpoint, and Azure Update Manager, and rank what to fix first by CISA KEV and EPSS. The non-Microsoft tracker covers the exploited Citrix, Fortinet, Ivanti, and Apache flaws Microsoft's Update Guide leaves out. It complements Ivanti and your RMM rather than replacing them.
Yes. Senserva tracks and ranks the patch and CVE state of your Microsoft estate, through the Patch Center, the Patch Tracker, the non-Microsoft exploited-CVE tracker, and CVE management. It does not deploy patches yet; it tells you what is missing and what is actively exploited, then sits alongside your deployment tooling.
See your patch state, free
Open the live Patch Tracker now, or register free and point Senserva at your own tenants: 3 tenants, up to 25 users each, in one verified scan. Welcome back, Shavlik customers.
Open the Patch Tracker Scan your tenants, free
More about Senserva and Mark Shavlik · CVE and vulnerability management · Senserva partners
See patching in action
A short walkthrough of Senserva patching for Microsoft 365.
Open the watch page for this video, or see all Senserva videos.