Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

8/30/2012
02:09 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Secunia Launches Corporate Software Inspector 6.0

Secunia CSI 6.0 combines vulnerability intelligence, vulnerability scanning and patch creation with patch deployment tool integration

Copenhagen, Denmark – August 30, 2012 - Secunia, the leading provider of IT security solutions that enable businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the next generation of its flagship solution the Secunia Corporate Software Inspector (CSI) version 6.0 (http://secunia.com/vulnerability_scanning/ ). The new solution provides customers with the unique ability to understand and evaluate their entire threat landscape, identify exactly where application vulnerabilities exist and how best to prioritize and implement remediation efforts, all whilst leveraging and maximizing existing security investments in current Client Management (CM), Security Information & Event Management (SIEM), and Governance, Risk & Compliance (GRC) tools.

“The overall mission of the Secunia CSI 6.0 has been to empower our customers and their current infrastructure, while providing them with the best of breed vulnerability intelligence, scanning, and pre-created patch packages. We have therefore focused on developing the Secunia CSI’s integration capabilities, making the Secunia CSI 6.0 a much more useful and extensive Vulnerability and Patch Management tool”, said Morten R. Stengaard, Director of Product Management and Quality Assurance at Secunia.

Companies that do not have a complete overview of what is installed across laptops, PCs, and servers, and the security state of these programs, are at a disadvantage as it becomes impossible to prioritize remediation efforts and efficiently managing the environment to reduce risk and increase the security state – and the vulnerability threat landscape is intensifying. “In 2011, Secunia identified more than 800 end-point vulnerabilities, of which more than 50% were rated as highly or extremely critical (exploitable from remote), and 78% of all vulnerabilities affected non-Microsoft programs; that is, a greater, more critical, and more diverse vulnerability exposure that faces companies”, said Stengaard.

The Secunia CSI provides the reliable, comprehensive, and up-to-date vulnerability intelligence and highly accurate scan results needed by IT-operations and security teams to deal with these vulnerabilities. By combining these two capabilities with automated patch creation and integration, the intelligence becomes actionable in a CM, SIEM, and GRC perspective and more cost effective. ”Simply put, we have designed the new Secunia CSI to help our customers realize a better return on those investments while at the same time improving their security level”, said Stengaard.

The Secunia CSI 6.0 is the next ‘push’ from Secunia towards enabling companies to take their IT-security to a higher level, a development which is directly attributed to the on-going dialogue and feedback from customers. Among the most important new features is the updated vulnerability scanner that covers more operating platforms (Windows, Mac OSX, and Red Hat Enterprise Linux, (RHEL)), as well as the ability to scan for custom software throughout the environment, with updates being created using the Secunia Package System (SPS) and deployed with existing deployment solutions. With expanded coverage, organizations are armed with the information, responsiveness, and protection needed to ensure business continuity and minimize business damage.

Further, the new easy integration with preferred deployment solutions such as Microsoft Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager (SCCM), Altiris Deployment Solution, as well as any other third-party configuration management tools allows for easy installation of third-party updates, making patching a simple and straight-forward process for all IT departments. In the cases where regulatory compliance is of concern (e.g. the PCI-DSS or NERC-CIP standards), Secunia CSI 6.0 allows enterprises to have a clear picture of the programs and vulnerabilities that exist in the environment, including how critical they are and how long they have existed. And with the new Scheduled Date Export function, Secunia CSI can also integrate with any preferred Government Risk and Compliance (GRC) solution, allowing users to further utilise their existing solutions to improve security and compliance.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.