Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats //

Vulnerability Management

9/15/2015
10:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Flexera Software Acquires Secunia, Adding Software Vulnerability Management Solutions That Reduce Cybersecurity Risks

Security Products Combined with Existing Software License Optimization and Application Readiness Solutions will Transform Software Asset Management Practices

Itasca, Ill. – September 15, 2015 – Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises, announced today the acquisition of Secunia, a leading provider of Software Vulnerability Management solutions that protect organizations against cybersecurity risks.

“As cybersecurity threats continue to grow, leading companies will not only proactively manage these threats but will also integrate Software Vulnerability Management into core software asset management processes,” said Mark Bishof, Flexera Software’s Chief Executive Officer.  “Secunia’s products deliver the Software Vulnerability Management capabilities enterprises urgently need today while complementing our existing market-leading solutions for Software License Optimization and Application Readiness.”

Cybersecurity and Software Vulnerability Management

Cybercriminals routinely use vulnerabilities in software as gateways to exploit corporate networks, using techniques like commercialized underground “exploit toolkits” to infect machines and perform malicious activities. A typical, documented cybersecurity breach costs organizations between $2.5 million to $5 million[1]. However, massive breaches, such as the highly publicized Target, JPMorgan, Home Depot, Sony, and Best Buy cybercrimes, could cost hundreds of millions of dollars – not to mention damage to reputation and brand. Secunia products help IT security and operations teams proactively identify, assess and remediate software vulnerabilities.  Secunia products include:

  • Vulnerability Intelligence Manager, which gives IT security teams verified, accurate and comprehensive vulnerability intelligence from Secunia Research, along  with workflow management, alerts and reporting
  • Corporate Software Inspector, which provides IT operations teams multi-platform assessment of software vulnerabilities and cost-effective patch creation and deployment to reduce enterprise software security risks

Speed is of the essence during a cyberattack to minimize damage.  Secunia products stand alone in their ability to immediately identify known vulnerabilities, their potential impact based on the mission criticality and dependencies of the affected business applications, and then quickly resolve the issue through the deployment and verification of the appropriate patches.

Software License Optimization & Software Vulnerability Management Synergies

Secunia’s Software Vulnerability Management solutions are highly synergistic with Flexera Software’s Software License Optimization solution, FlexNet Manager Suite, and underscore the critical relationship between Software Asset Management (SAM) and cybersecurity.  Both disciplines require at their foundation the accurate and continual discovery and inventory of software assets within an organization’s environment.  Today IT asset management and security teams (and projects) are usually siloed within organizations, increasing the likelihood that security threats will slip through the gap. For instance, discovery and inventory of software assets are critical to both asset management and security teams – but are currently undertaken separately in most organizations,

Flexera Software is changing the game by connecting the strategic dots between Software Asset Management and cybersecurity. And by harnessing the synergies between SAM and Software Vulnerability Management, Software License Optimization takes on even greater critical importance in centralizing core software asset management functions while minimizing software spend, software license non-compliance, and cybersecurity risk.  Organizations will be able to leverage asset management insights combined with vulnerability data to rapidly address the most relevant cybersecurity threatsOther IT disciplines will all immediately benefit from the success and maturity of Software License Optimization and IT asset management processes that are developed and applied for cybersecurity.

Application Readiness & Software Vulnerability Management Synergies

Secunia’s Software Vulnerability Management solutions are also synergistic with Flexera Software’s Software Application Readiness solution, AdminStudio Suite, underscoring IT Operations teams’ need to understand security risks when rationalizing and managing the application portfolio, and to safely, securely and reliably deploy patches without damaging underlying systems. Application Readiness and Software Vulnerability Management business processes can be completely integrated with vulnerability assessment. These processes are integral to application inventory, rationalization and compatibility processes, as well as state-of-the-art application packaging being used to prepare security patches for rapid, reliable deployment. 

 “Being a part of Flexera Software represents the next stage of growth for Secunia’s employees, customers and partners,” said Peter Colsted, Secunia’s Chief Executive Officer. “The synergies from this acquisition will enable enterprises to more proactively address cybersecurity threats as a core part of their processes for managing application usage.”

Resources:

· Tweet This: @FlexeraSoftware acquires cybersecurity specialist @Secunia, transforming software asset management practices http://owl.li/S3wBS

Learn more about Flexera Software’s:

·         Corporate Software Inspector

·         Vulnerability Intelligence Manager

·         Software License Optimization Solutions

·         Application Readiness Solutions

·         Software Monetization Solutions

·         Installation Solutions

Related Flexera Software Webinars

Related Flexera Software White Papers

 

About Flexera Software

Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software.  Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology.  A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com.

 

About Secunia

Founded in 2002, Secunia is a leading provider of IT security solutions that help businesses and private individuals globally manage and control vulnerability threats, risks across their networks, and end-points. This is enabled by Secunia’s award-winning Vulnerability Intelligence, Vulnerability Assessment, and Patch Management solutions that ensure optimal and cost-effective protection of critical information assets.

Secunia plays an important role in the IT security ecosystem, and is the preferred supplier for enterprises and government agencies worldwide, counting Fortune 500 and Global 2000 businesses among its customer base. Secunia is headquartered in Copenhagen, Denmark.



[1] IDC’s PeerScape: Practices for IT Asset Management – July, 2015

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22861
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the targeted ...
CVE-2021-22862
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed the base reference of ...
CVE-2021-22863
PUBLISHED: 2021-03-03
An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker would b...
CVE-2020-10519
PUBLISHED: 2021-03-03
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the Gi...
CVE-2021-21353
PUBLISHED: 2021-03-03
Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the `pretty` option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was p...