Secunia Corporate Software Inspector (CSI) 5.0

Secunia Corporate Software Inspector (CSI) 5.0
- Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X
Prevent the security domino
effect in your IT infrastructure
Introduction
The Secunia CSI is an authenticated vulnerability and patch scanner which identifies
installed programs and missing security patches. It integrates with Microsoft WSUS &
Microsoft SCCM for easy deployment of 3rd party updates, making patching a simple
and straightforward process for all IT departments.
Furthermore, the Secunia Personal Software Inspector (PSI) now integrates with the
Secunia CSI, giving administrators access to scan results from the PCs that are not
directly under their control. These results can aid the administrators in devising and
implementing a more comprehensive security policy in an efficient manner.
Patching vulnerable programs, and in particular 3rd party programs, is a cumbersome
and resource-demanding process, causing many enterprises to either neglect patching or
only patch a few non-Microsoft programs.
However, unpatched programs in a network open doors to threats and security breaches,
which can be potentially devastating for an organisation in terms of loss of money, public
image, customer trust, time, and market opportunities.
Typical Vulnerability Management challenges faced by IT operations are:
How to protect the IT infrastructure more effectively?
How to make sure that the network does not have any installed programs
with missing patches?
How to accomplish this without using vast amounts of time and effort
checking numerous vendor sites for program updates?
The Secunia CSI is a revolutionary tool that simplifies the troublesome area of identifying
vulnerable programs and patching them. By scanning the network with the Secunia CSI, organisations
can effectively protect their corporate IT infrastructure against the threat posed
by unpatched vulnerabilities.
With the Secunia CSI, keeping your network secure has never been easier.
*Secunia Personal Software Inspector (PSI)
secunia.com
Simplify your 3rd party
Patch Management
What’s new in 5.0?
Scanning of Apple Mac OS X
A fully customisable reporting module
Flexible packages for patching & configuring
hosts, set to your specific criteria
Enhanced integration with the
Secunia PSI*
Access to the underlying Secunia
database
“Indiana University deployed the Secunia
Corporate Software Inspector (CSI) to
mitigate the risks of software vulnerabilities
on its ~250,000 network devices spread
across the university’s eight campuses. Our
students, faculty, and staff use the Secunia
Personal Software Inspector (PSI) and CSI
to protect their computers and data... Its
extensive coverage of programs gives us a
clear picture of all the software installed in
our network, enabling us to easily identify
vulnerable or dangerous programs.”
Jonathan Sweeny,
Incident Response Manager,
Lead Security Analyst,
Office of the VP for Information Technology

Authenticated Vulnerability Scanning Technology
The Secunia CSI provides non-intrusive authenticated vulnerability and
patch scanning. It takes a different approach compared to other scanners by
conducting authenticated scans of systems. This makes it possible for the Secunia
CSI to identify all installed programs and plug-ins based on the actual files
present on the system.
The Secunia CSI then correlates program meta data with Secunia’s comprehensive
product database to build an inventory of the installed programs and
plug-ins. This inventory is then correlated with vulnerability meta data based
on Secunia Vulnerability Intelligence.
The accuracy of this approach is unprecedented and provides actionable
results with risk ratings and other metrics based on Secunia Advisories.
Scan results
The scan results of the Secunia CSI provide details about the full installation path,
version details, direct links to patches, ratings, and access to Secunia Advisories
with further vulnerability details and metrics as well as other useful information
for alternative mitigation strategies.
Based on the details collected by the Secunia CSI, as well as the experts
working behind the scenes at Secunia, it is possible to use the Secunia CSI to
automatically repackage a large amount of patches for direct deployment and
management using Microsoft WSUS and Microsoft SCCM.
The scanning also detects and reports end-of-life programs and plug-ins. This
is software which for some reason is not supported by the vendor. Software
which has reached end-of-life should not be used due to a lack of vulnerability
information about these products, and because the vendors will not be
providing security updates.
The Secunia CSI also lists all the programs and plug-ins which are patched and
up-to-date. This can be used to verify that patches have been properly applied
and that old insecure versions have been removed. It can also be used as a
valuable and highly accurate supplement to other asset and license management
tools. Many customers also use it to track the installation of non-approved
programs and plug-ins.
Flexible deployment
The Secunia CSI offers various deployment options designed to suit your
environment:
Agent-less scanning of your systems can be performed out-of-the
box. When running agent-less, the Secunia CSI utilises standard
Windows networking services to scan the systems on your network.
The agents can also be automatically deployed through the Microsoft
WSUS/SCCM integration.
Agent-based deployment is more flexible. It can be used in
segmented networks and to scan systems that are not always online
(e.g. laptops). The agents can also be automatically deployed through
the Microsoft WSUS/SCCM integration.
Appliance mode offers “agent-less” scanning from centralised hosts;
in branch offices for example.
CLI mode makes it possible to schedule and manage scans using other tools
(e.g. log-on scripts).
secunia.com
1
2
3
4
5
6
The Secunia CSI scans computers in your
network from a central location
AProgram 1.0
AProgram 1.0
AProgram BProgram 1.0
BProgram 1.0 1.0
BProgram CProgram 1.0 3.0
DProgram 2.0
CProgram DProgram 3.0 2.0
EProgram 1.0
DProgram
EProgram
2.0
1.0
AProgram 1.0
EProgram BProgram 1.0 1.0
Secunia
Secunia
Advisory
Advisory
Secunia
Advisory
EXE OCX DLL
It scans all executables, including EXE, OCX,
and DLL files using the Secunia File Signatures
EXE OCX DLL
All scan results are fed into the central
management console for easier analysis
The Secunia CSI tells you which version to
update
CProgram AProgram 1.0 3.0
BProgram DProgram 1.0 2.0
Automatic repackaging
CProgram EProgram 1.0 3.0
DProgram 2.0
EProgram 1.0
AProgram 1.2 Patch
DProgram 2.1
Patch
A
B
DProgram 2.1
Patch deployment
Secunia
Advisory
Secunia
Advisory
AProgram 1.2 Patch A
DProgram AProgram 2.1
Patch B
1.2 Patch A
EXE OCX DLL
EXE OCX DLL
AProgram 1.2
AProgram 1.2
AProgram
BProgram 1.0BProgram
1.0 1.2
CProgram 3.0 BProgram CProgram 3.0 1.0
DProgram 2.1
CProgram DProgram 2.1 3.0
EProgram 1.0
DProgram
EProgram 1.0
2.1
AProgram 1.2
EProgram BProgram 1.0 1.0
Patch B
EXE OCX DLL
CProgram AProgram 3.0 1.2
DProgram BProgram 1.0 2.1
EProgram CProgram 1.0 3.0
a) Deployment Using Microsoft WSUS
Approval
Approval
Approval WSUS
WSUS
Approval
WSUS
b) Deployment Using Microsoft SCCM
Upload SCCM
Upload SCCM
Upload SCCM
DProgram 2.1
EProgram 1.0
Approval WSUS
Upload
SCCM
Upload SCCM
WSUS
AProgram 1.0
BProgram 1.0
CProgram 3.0
DProgram 2.0
EProgram 1.0
AProgram 1.0
BProgram 1.0
CProgram 3.0
DProgram 2.0
EProgram 1.0

Microsoft WSUS Integration
The Secunia CSI integrates seamlessly with Microsoft Windows
Server Update Services (WSUS) for easy deployment of 3rd party
updates. This makes installing updates simple and straightforward
due to the automatic repackaging feature and the Microsoft
WSUS distribution management functionality in the Secunia CSI.
The Secunia CSI provides simple methods for repackaging and
publishing patches for distribution via Microsoft WSUS. It can
literally be conducted with a few simple steps:
Select insecure programs to patch
The Secunia CSI automatically repackages and
publishes patches to Microsoft WSUS
Approve and manage distribution
Track deployment status
Microsoft SCCM Integration
The Secunia CSI integrates seamlessly with Microsoft System
Center Configuration Manager (SCCM) 2007 to help you stay
compliant and up-to-date with the latest security updates from
3rd party vendors and Microsoft. The Secunia CSI adds a critical
security aspect to the Software Update Management and Asset
Intelligence capabilities of Microsoft SCCM. While Microsoft
SCCM offers many great features in order to configure and manage
servers and desktops, Microsoft SCCM lacks the specialised
capabilities within software inventory mapping and security intelligence
related to software.
The Secunia CSI provides highly detailed software inventory
including both programs and plug-ins. This inventory is then
mapped to security intelligence related to the individual
programs and plug-ins as well as details about vendor supplied
security updates.
The Secunia CSI can automatically repackage these security
updates/patches and push them to Microsoft SCCM, allowing
you to control, manage, and monitor deployment using Microsoft
SCCM. The Secunia CSI can further conduct scans of desktop and
server systems to ensure that the updates are applied correctly
and that all systems are fully compliant.
"Secunia’s Scanning & Patch Management
Solutions are designed to help organisations of
all sizes improve their protection"
Frost & Sullivan
2011 Market Penetration Leadership Award
secunia.com
Apple Mac Scanning
With the Secunia CSI it is now possible to scan Apple Mac OS
X and have the scan results displayed in the Secunia CSI’s user
interface.
The new Secunia CSI Agent for Mac is available for download
from the “Download Local Agent” page within the Secunia
CSI. The new agent can be installed on the Mac host in both
“command line” and “service” mode, in a similar way to how the
Windows equivalent works.
Secunia PSI Integration
The Secunia PSI is a free security tool designed to detect vulnerable
and outdated programs and plug-ins, which expose your PC
to attacks. Once installed, the Secunia PSI can help you patch
vulnerable programs and stay secure.
The “Auto Update” feature enables the Secunia PSI to
automatically detect insecure programs on the PC, download
the required patches, and install them accordingly without user
interaction. In addition, the Secunia PSI integrates with the
Secunia CSI, making it possible to report its local scan results
to the centralised Secunia CSI dashboard. These features help the
administrators in organisations better understand the security
status of PC users that occasionally connect to their corporate
networks.
This integration is especially useful for administrators in
educational institutions, where they do not have control or access
to students connecting to the university’s/campus’ network from
their PCs. By encouraging these users to install the Secunia PSI on
their PCs, the administrators can get a better overview of both
internal and external vulnerability threats, and take the necessary
measures to protect their networks.
IT Administrator

Flexible & Scalable Reporting
The Secunia CSI’s customisable dashboard gives you a complete
overview of the security and compliance state of your entire
corporate network, enabling you to access and organise all data
and results from a single location.
Key features include:
Detailed status reports on all the patched, insecure,
and end-of-life programs
Significantly improved performance and reporting
capabilities, accommodating thousands of hosts
Support for the documentation needs of both
management and different user groups across the
enterprise
Scheduling to automatically generate reports at predefined
time intervals
Ability to receive the reports via e-mail, instead of
manually generating them when needed
“The Secunia CSI saves us a significant amount of
time and reduces the risk of overlooking vulnerable
applications, thereby increasing the overall security”
Dr. Sattler, IT Security Officer
ER Schiffart GmbH
secunia.com
Summary of Features
Non-intrusive authenticated vulnerability and patch
scanning with unprecedented accuracy
Covers programs and plug-ins from thousands of
vendors
Scans 3rd party apps on PCs and Macs
Reports the security status for each program
Reports the criticality rating for each insecure program
Reports end-of-life programs
Identifies missing patches
Automated patch repackaging
Integration with Microsoft WSUS & SCCM for easy patch
distribution and extensive Patch Management
Install, configure, uninstall, and deploy updates with the
Secunia Package System (SPS)
Enhanced integration with the Secunia PSI
Powerful scheduling features, enabling automatic report
generation
Ability to disallow the scanning of file locations
Benefits
The Secunia CSI enables IT security departments to gain a
complete overview of their corporate networks by:
Conducting cross-platform scanning
Pinpointing the exact vulnerabilities affecting the
network
Providing in-depth details about vulnerabilities
Simplifying the patching of vulnerabilities
Enabling you to secure your off-site assets
Sending e-mail alerts upon any changes in the network
The Secunia CSI provides organisations with improved
responsiveness and protection, thereby ensuring business
continuity and minimising business damage.
The Ultimate Companion
The Secunia CSI takes information accuracy to
a completely new level, keeping you up-to-date,
regarding vulnerabilities in installed applications.
You save both time and resources when handling
vulnerabilities, as the Secunia CSI instantly maps your
IT infrastructure, and provides you with guidance on remediation and
upgrades using Microsoft WSUS & Microsoft SCCM. The Secunia CSI
keeps track of all security issues, telling you what you need to know,
when you want to know it, and how to remediate it, all in one go.
Contact sales@secunia.com for more information.
2.0
5.0

Example: Patch Deployment using Microsoft WSUS
Figure 1. List of all patches available for deployment
Figure 2. Selection of insecure programs for patching
Figure 3. Approval of automatic patching using Microsoft WSUS
Figure 4. Overview of the patch status of each computer
secunia.com