Vulnerabilities / Threats //

Vulnerability Management

9/15/2015
10:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Flexera Software Acquires Secunia, Adding Software Vulnerability Management Solutions That Reduce Cybersecurity Risks

Security Products Combined with Existing Software License Optimization and Application Readiness Solutions will Transform Software Asset Management Practices

Itasca, Ill. – September 15, 2015 – Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, announced today the acquisition of Secunia, a leading provider of Software Vulnerability Management solutions that protect organizations against cybersecurity risks.

“As cybersecurity threats continue to grow, leading companies will not only proactively manage these threats but will also integrate Software Vulnerability Management into core software asset management processes,” said Mark Bishof, Flexera Software’s Chief Executive Officer.  “Secunia’s products deliver the Software Vulnerability Management capabilities enterprises urgently need today while complementing our existing market-leading solutions for Software License Optimization and Application Readiness.”

Cybersecurity and Software Vulnerability Management

Cybercriminals routinely use vulnerabilities in software as gateways to exploit corporate networks, using techniques like commercialized underground “exploit toolkits” to infect machines and perform malicious activities. A typical, documented cybersecurity breach costs organizations between $2.5 million to $5 million[1]. However, massive breaches, such as the highly publicized Target, JPMorgan, Home Depot, Sony, and Best Buy cybercrimes, could cost hundreds of millions of dollars – not to mention damage to reputation and brand. Secunia products help IT security and operations teams proactively identify, assess and remediate software vulnerabilities.  Secunia products include:

  • Vulnerability Intelligence Manager, which gives IT security teams verified, accurate and comprehensive vulnerability intelligence from Secunia Research, along  with workflow management, alerts and reporting
  • Corporate Software Inspector, which provides IT operations teams multi-platform assessment of software vulnerabilities and cost-effective patch creation and deployment to reduce enterprise software security risks

Speed is of the essence during a cyberattack to minimize damage.  Secunia products stand alone in their ability to immediately identify known vulnerabilities, their potential impact based on the mission criticality and dependencies of the affected business applications, and then quickly resolve the issue through the deployment and verification of the appropriate patches.

Software License Optimization & Software Vulnerability Management Synergies

Secunia’s Software Vulnerability Management solutions are highly synergistic with Flexera Software’s Software License Optimization solution, FlexNet Manager Suite, and underscore the critical relationship between Software Asset Management (SAM) and cybersecurity.  Both disciplines require at their foundation the accurate and continual discovery and inventory of software assets within an organization’s environment.  Today IT asset management and security teams (and projects) are usually siloed within organizations, increasing the likelihood that security threats will slip through the gap. For instance, discovery and inventory of software assets are critical to both asset management and security teams – but are currently undertaken separately in most organizations,

Flexera Software is changing the game by connecting the strategic dots between Software Asset Management and cybersecurity. And by harnessing the synergies between SAM and Software Vulnerability Management, Software License Optimization takes on even greater critical importance in centralizing core software asset management functions while minimizing software spend, software license non-compliance, and cybersecurity risk.  Organizations will be able to leverage asset management insights combined with vulnerability data to rapidly address the most relevant cybersecurity threatsOther IT disciplines will all immediately benefit from the success and maturity of Software License Optimization and IT asset management processes that are developed and applied for cybersecurity.

Application Readiness & Software Vulnerability Management Synergies

Secunia’s Software Vulnerability Management solutions are also synergistic with Flexera Software’s Software Application Readiness solution, AdminStudio Suite, underscoring IT Operations teams’ need to understand security risks when rationalizing and managing the application portfolio, and to safely, securely and reliably deploy patches without damaging underlying systems. Application Readiness and Software Vulnerability Management business processes can be completely integrated with vulnerability assessment. These processes are integral to application inventory, rationalization and compatibility processes, as well as state-of-the-art application packaging being used to prepare security patches for rapid, reliable deployment. 

 “Being a part of Flexera Software represents the next stage of growth for Secunia’s employees, customers and partners,” said Peter Colsted, Secunia’s Chief Executive Officer. “The synergies from this acquisition will enable enterprises to more proactively address cybersecurity threats as a core part of their processes for managing application usage.”

Resources:

· Tweet This: @FlexeraSoftware acquires cybersecurity specialist @Secunia, transforming software asset management practices http://owl.li/S3wBS

Learn more about Flexera Software’s:

·         Corporate Software Inspector

·         Vulnerability Intelligence Manager

·         Software License Optimization Solutions

·         Application Readiness Solutions

·         Software Monetization Solutions

·         Installation Solutions

Related Flexera Software Webinars

Related Flexera Software White Papers

 

About Flexera Software

Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software.  Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology.  A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com.

 

About Secunia

Founded in 2002, Secunia is a leading provider of IT security solutions that help businesses and private individuals globally manage and control vulnerability threats, risks across their networks, and end-points. This is enabled by Secunia’s award-winning Vulnerability Intelligence, Vulnerability Assessment, and Patch Management solutions that ensure optimal and cost-effective protection of critical information assets.

Secunia plays an important role in the IT security ecosystem, and is the preferred supplier for enterprises and government agencies worldwide, counting Fortune 500 and Global 2000 businesses among its customer base. Secunia is headquartered in Copenhagen, Denmark.



[1] IDC’s PeerScape: Practices for IT Asset Management – July, 2015

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
Oracle Product Rollout Underscores Need for Trust in the Cloud
Kelly Sheridan, Associate Editor, Dark Reading,  12/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Gee, these virtual reality goggles work great!!! 
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.