Secunia Corporate Software Inspector (CSI) 5.0
<strong>Secunia</strong> <strong>Corporate</strong> <strong>Software</strong> <strong>Inspector</strong> (<strong>CSI</strong>) <strong>5.0</strong><br />
- Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X<br />
Prevent the security domino<br />
effect in your IT infrastructure<br />
Introduction<br />
The <strong>Secunia</strong> <strong>CSI</strong> is an authenticated vulnerability and patch scanner which identifies<br />
installed programs and missing security patches. It integrates with Microsoft WSUS &<br />
Microsoft SCCM for easy deployment of 3rd party updates, making patching a simple<br />
and straightforward process for all IT departments.<br />
Furthermore, the <strong>Secunia</strong> Personal <strong>Software</strong> <strong>Inspector</strong> (PSI) now integrates with the<br />
<strong>Secunia</strong> <strong>CSI</strong>, giving administrators access to scan results from the PCs that are not<br />
directly under their control. These results can aid the administrators in devising and<br />
implementing a more comprehensive security policy in an efficient manner.<br />
Patching vulnerable programs, and in particular 3rd party programs, is a cumbersome<br />
and resource-demanding process, causing many enterprises to either neglect patching or<br />
only patch a few non-Microsoft programs.<br />
However, unpatched programs in a network open doors to threats and security breaches,<br />
which can be potentially devastating for an organisation in terms of loss of money, public<br />
image, customer trust, time, and market opportunities.<br />
Typical Vulnerability Management challenges faced by IT operations are:<br />
How to protect the IT infrastructure more effectively?<br />
How to make sure that the network does not have any installed programs<br />
with missing patches?<br />
How to accomplish this without using vast amounts of time and effort<br />
checking numerous vendor sites for program updates?<br />
The <strong>Secunia</strong> <strong>CSI</strong> is a revolutionary tool that simplifies the troublesome area of identifying<br />
vulnerable programs and patching them. By scanning the network with the <strong>Secunia</strong> <strong>CSI</strong>, organisations<br />
can effectively protect their corporate IT infrastructure against the threat posed<br />
by unpatched vulnerabilities.<br />
With the <strong>Secunia</strong> <strong>CSI</strong>, keeping your network secure has never been easier.<br />
*<strong>Secunia</strong> Personal <strong>Software</strong> <strong>Inspector</strong> (PSI)<br />
secunia.com<br />
Simplify your 3rd party<br />
Patch Management<br />
What’s new in <strong>5.0</strong>?<br />
Scanning of Apple Mac OS X<br />
A fully customisable reporting module<br />
Flexible packages for patching & configuring<br />
hosts, set to your specific criteria<br />
Enhanced integration with the<br />
<strong>Secunia</strong> PSI*<br />
Access to the underlying <strong>Secunia</strong><br />
database<br />
“Indiana University deployed the <strong>Secunia</strong><br />
<strong>Corporate</strong> <strong>Software</strong> <strong>Inspector</strong> (<strong>CSI</strong>) to<br />
mitigate the risks of software vulnerabilities<br />
on its ~250,000 network devices spread<br />
across the university’s eight campuses. Our<br />
students, faculty, and staff use the <strong>Secunia</strong><br />
Personal <strong>Software</strong> <strong>Inspector</strong> (PSI) and <strong>CSI</strong><br />
to protect their computers and data... Its<br />
extensive coverage of programs gives us a<br />
clear picture of all the software installed in<br />
our network, enabling us to easily identify<br />
vulnerable or dangerous programs.”<br />
Jonathan Sweeny,<br />
Incident Response Manager,<br />
Lead Security Analyst,<br />
Office of the VP for Information Technology
Authenticated Vulnerability Scanning Technology<br />
The <strong>Secunia</strong> <strong>CSI</strong> provides non-intrusive authenticated vulnerability and<br />
patch scanning. It takes a different approach compared to other scanners by<br />
conducting authenticated scans of systems. This makes it possible for the <strong>Secunia</strong><br />
<strong>CSI</strong> to identify all installed programs and plug-ins based on the actual files<br />
present on the system.<br />
The <strong>Secunia</strong> <strong>CSI</strong> then correlates program meta data with <strong>Secunia</strong>’s comprehensive<br />
product database to build an inventory of the installed programs and<br />
plug-ins. This inventory is then correlated with vulnerability meta data based<br />
on <strong>Secunia</strong> Vulnerability Intelligence.<br />
The accuracy of this approach is unprecedented and provides actionable<br />
results with risk ratings and other metrics based on <strong>Secunia</strong> Advisories.<br />
Scan results<br />
The scan results of the <strong>Secunia</strong> <strong>CSI</strong> provide details about the full installation path,<br />
version details, direct links to patches, ratings, and access to <strong>Secunia</strong> Advisories<br />
with further vulnerability details and metrics as well as other useful information<br />
for alternative mitigation strategies.<br />
Based on the details collected by the <strong>Secunia</strong> <strong>CSI</strong>, as well as the experts<br />
working behind the scenes at <strong>Secunia</strong>, it is possible to use the <strong>Secunia</strong> <strong>CSI</strong> to<br />
automatically repackage a large amount of patches for direct deployment and<br />
management using Microsoft WSUS and Microsoft SCCM.<br />
The scanning also detects and reports end-of-life programs and plug-ins. This<br />
is software which for some reason is not supported by the vendor. <strong>Software</strong><br />
which has reached end-of-life should not be used due to a lack of vulnerability<br />
information about these products, and because the vendors will not be<br />
providing security updates.<br />
The <strong>Secunia</strong> <strong>CSI</strong> also lists all the programs and plug-ins which are patched and<br />
up-to-date. This can be used to verify that patches have been properly applied<br />
and that old insecure versions have been removed. It can also be used as a<br />
valuable and highly accurate supplement to other asset and license management<br />
tools. Many customers also use it to track the installation of non-approved<br />
programs and plug-ins.<br />
Flexible deployment<br />
The <strong>Secunia</strong> <strong>CSI</strong> offers various deployment options designed to suit your<br />
environment:<br />
Agent-less scanning of your systems can be performed out-of-the-box.<br />
When running agent-less, the <strong>Secunia</strong> <strong>CSI</strong> utilises standard<br />
Windows networking services to scan the systems on your network.<br />
The agents can also be automatically deployed through the Microsoft<br />
WSUS/SCCM integration.<br />
Agent-based deployment is more flexible. It can be used in<br />
segmented networks and to scan systems that are not always online<br />
(e.g. laptops). The agents can also be automatically deployed through<br />
the Microsoft WSUS/SCCM integration.<br />
Appliance mode offers “agent-less” scanning from centralised hosts;<br />
in branch offices for example.<br />
CLI mode makes it possible to schedule and manage scans using other tools<br />
(e.g. log-on scripts).<br />
[Figure: numbered diagram, steps 1 to 6]<br />
1. The <strong>Secunia</strong> <strong>CSI</strong> scans computers in your network from a central location<br />
2. It scans all executables, including EXE, OCX, and DLL files using the <strong>Secunia</strong> File Signatures<br />
3. All scan results are fed into the central management console for easier analysis<br />
4. The <strong>Secunia</strong> <strong>CSI</strong> tells you which version to update<br />
5. Automatic repackaging<br />
6. Patch deployment: a) Deployment Using Microsoft WSUS; b) Deployment Using Microsoft SCCM
Microsoft WSUS Integration<br />
The <strong>Secunia</strong> <strong>CSI</strong> integrates seamlessly with Microsoft Windows<br />
Server Update Services (WSUS) for easy deployment of 3rd party<br />
updates. This makes installing updates simple and straightforward<br />
due to the automatic repackaging feature and the Microsoft<br />
WSUS distribution management functionality in the <strong>Secunia</strong> <strong>CSI</strong>.<br />
The <strong>Secunia</strong> <strong>CSI</strong> provides simple methods for repackaging and<br />
publishing patches for distribution via Microsoft WSUS. It can<br />
literally be conducted with a few simple steps:<br />
Select insecure programs to patch<br />
The <strong>Secunia</strong> <strong>CSI</strong> automatically repackages and<br />
publishes patches to Microsoft WSUS<br />
Approve and manage distribution<br />
Track deployment status<br />
Microsoft SCCM Integration<br />
The <strong>Secunia</strong> <strong>CSI</strong> integrates seamlessly with Microsoft System<br />
Center Configuration Manager (SCCM) 2007 to help you stay<br />
compliant and up-to-date with the latest security updates from<br />
3rd party vendors and Microsoft. The <strong>Secunia</strong> <strong>CSI</strong> adds a critical<br />
security aspect to the <strong>Software</strong> Update Management and Asset<br />
Intelligence capabilities of Microsoft SCCM. While Microsoft<br />
SCCM offers many great features in order to configure and manage<br />
servers and desktops, Microsoft SCCM lacks the specialised<br />
capabilities within software inventory mapping and security intelligence<br />
related to software.<br />
The <strong>Secunia</strong> <strong>CSI</strong> provides highly detailed software inventory<br />
including both programs and plug-ins. This inventory is then<br />
mapped to security intelligence related to the individual<br />
programs and plug-ins as well as details about vendor supplied<br />
security updates.<br />
The <strong>Secunia</strong> <strong>CSI</strong> can automatically repackage these security<br />
updates/patches and push them to Microsoft SCCM, allowing<br />
you to control, manage, and monitor deployment using Microsoft<br />
SCCM. The <strong>Secunia</strong> <strong>CSI</strong> can further conduct scans of desktop and<br />
server systems to ensure that the updates are applied correctly<br />
and that all systems are fully compliant.<br />
"<strong>Secunia</strong>’s Scanning & Patch Management<br />
Solutions are designed to help organisations of<br />
all sizes improve their protection"<br />
Frost & Sullivan<br />
2011 Market Penetration Leadership Award<br />
Apple Mac Scanning<br />
With the <strong>Secunia</strong> <strong>CSI</strong> it is now possible to scan Apple Mac OS<br />
X and have the scan results displayed in the <strong>Secunia</strong> <strong>CSI</strong>’s user<br />
interface.<br />
The new <strong>Secunia</strong> <strong>CSI</strong> Agent for Mac is available for download<br />
from the “Download Local Agent” page within the <strong>Secunia</strong><br />
<strong>CSI</strong>. The new agent can be installed on the Mac host in both<br />
“command line” and “service” mode, in a similar way to how the<br />
Windows equivalent works.<br />
<strong>Secunia</strong> PSI Integration<br />
The <strong>Secunia</strong> PSI is a free security tool designed to detect vulnerable<br />
and outdated programs and plug-ins, which expose your PC<br />
to attacks. Once installed, the <strong>Secunia</strong> PSI can help you patch<br />
vulnerable programs and stay secure.<br />
The “Auto Update” feature enables the <strong>Secunia</strong> PSI to<br />
automatically detect insecure programs on the PC, download<br />
the required patches, and install them accordingly without user<br />
interaction. In addition, the <strong>Secunia</strong> PSI integrates with the<br />
<strong>Secunia</strong> <strong>CSI</strong>, making it possible to report its local scan results<br />
to the centralised <strong>Secunia</strong> <strong>CSI</strong> dashboard. These features help the<br />
administrators in organisations better understand the security<br />
status of PC users that occasionally connect to their corporate<br />
networks.<br />
This integration is especially useful for administrators in<br />
educational institutions, where they do not have control or access<br />
to students connecting to the university’s/campus’ network from<br />
their PCs. By encouraging these users to install the <strong>Secunia</strong> PSI on<br />
their PCs, the administrators can get a better overview of both<br />
internal and external vulnerability threats, and take the necessary<br />
measures to protect their networks.<br />
Flexible & Scalable Reporting<br />
The <strong>Secunia</strong> <strong>CSI</strong>’s customisable dashboard gives you a complete<br />
overview of the security and compliance state of your entire<br />
corporate network, enabling you to access and organise all data<br />
and results from a single location.<br />
Key features include:<br />
Detailed status reports on all the patched, insecure,<br />
and end-of-life programs<br />
Significantly improved performance and reporting<br />
capabilities, accommodating thousands of hosts<br />
Support for the documentation needs of both<br />
management and different user groups across the<br />
enterprise<br />
Scheduling to automatically generate reports at predefined<br />
time intervals<br />
Ability to receive the reports via e-mail, instead of<br />
manually generating them when needed<br />
“The <strong>Secunia</strong> <strong>CSI</strong> saves us a significant amount of<br />
time and reduces the risk of overlooking vulnerable<br />
applications, thereby increasing the overall security”<br />
Dr. Sattler, IT Security Officer<br />
ER Schiffart GmbH<br />
Summary of Features<br />
Non-intrusive authenticated vulnerability and patch<br />
scanning with unprecedented accuracy<br />
Covers programs and plug-ins from thousands of<br />
vendors<br />
Scans 3rd party apps on PCs and Macs<br />
Reports the security status for each program<br />
Reports the criticality rating for each insecure program<br />
Reports end-of-life programs<br />
Identifies missing patches<br />
Automated patch repackaging<br />
Integration with Microsoft WSUS & SCCM for easy patch<br />
distribution and extensive Patch Management<br />
Install, configure, uninstall, and deploy updates with the<br />
<strong>Secunia</strong> Package System (SPS)<br />
Enhanced integration with the <strong>Secunia</strong> PSI<br />
Powerful scheduling features, enabling automatic report<br />
generation<br />
Ability to disallow the scanning of file locations<br />
Benefits<br />
The <strong>Secunia</strong> <strong>CSI</strong> enables IT security departments to gain a<br />
complete overview of their corporate networks by:<br />
Conducting cross-platform scanning<br />
Pinpointing the exact vulnerabilities affecting the<br />
network<br />
Providing in-depth details about vulnerabilities<br />
Simplifying the patching of vulnerabilities<br />
Enabling you to secure your off-site assets<br />
Sending e-mail alerts upon any changes in the network<br />
The <strong>Secunia</strong> <strong>CSI</strong> provides organisations with improved<br />
responsiveness and protection, thereby ensuring business<br />
continuity and minimising business damage.<br />
The Ultimate Companion<br />
The <strong>Secunia</strong> <strong>CSI</strong> takes information accuracy to<br />
a completely new level, keeping you up-to-date<br />
regarding vulnerabilities in installed applications.<br />
You save both time and resources when handling<br />
vulnerabilities, as the <strong>Secunia</strong> <strong>CSI</strong> instantly maps your<br />
IT infrastructure, and provides you with guidance on remediation and<br />
upgrades using Microsoft WSUS & Microsoft SCCM. The <strong>Secunia</strong> <strong>CSI</strong><br />
keeps track of all security issues, telling you what you need to know,<br />
when you want to know it, and how to remediate it, all in one go.<br />
Contact sales@secunia.com for more information.<br />
Example: Patch Deployment using Microsoft WSUS<br />
Figure 1. List of all patches available for deployment<br />
Figure 2. Selection of insecure programs for patching<br />
Figure 3. Approval of automatic patching using Microsoft WSUS<br />
Figure 4. Overview of the patch status of each computer<br />