Secunia Releases Next Generation Enterprise Patch Management Tool
- Unique Microsoft WSUS integration allowing for simplified third party patch management, in addition to flexible reporting, cross-platform scanning, and control of laptops –now available for customers worldwide through the Secunia Corporate Software Inspector (CSI) 5.0
Secunia, the leading provider of Vulnerability Intelligence and Vulnerability Management tools, today announced the release of the Secunia Corporate Software Inspector (CSI) 5.0, a unique automated patch manager and vulnerability scanner proven to identify and remediate all off-the-shelf programs in corporate networks. The Secunia CSI 5.0 achieves this by offering the industry’s largest coverage for best-in-class program detection and patch deployment.
With the introduction of the Secunia CSI 5.0, patch management has been taken to the next level, simplifying the processes and reducing the resources required to ensure compliance. This is an important step in the further assimilation of patch management in organizations world-wide, as companies’ IT-security is only as strong as the weakest link – and patch management represents one of the central links; a patch remediates the root cause of compromise and thereby neutralises a large number of attack vectors (source: Secunia 2011).
Patch management, however, continues to be one of the most neglected areas of IT-security within corporations, being operationally and economically prohibitive. “Patch management is without doubt one of the areas of IT security that organizations struggle with. Because it is resource-intensive, and often very manual in nature, many companies ignore patching, or make it less of a priority. Next generation patch management products that are seamless and automated will definitely resonate with customers”, says Søren Vibe-Hansen, Information Security Officer at SEB Denmark.
Research from Secunia validates that an intelligent patching strategy is an effective approach for reducing vulnerability risks, maximizing operational efficiency, and minimizing costs. “To reduce cyber-risks with limited resources, it is important to know the potential targets, the capabilities and limitations of traditional defences, and where to effectively complement defences. Security patches are found to be a primary and effective means to escape the arms race with cybercriminals, as patches remediate the root cause of compromise” (source: Secunia 2011).
The Secunia CSI 5.0 offers companies a better way to deal with the patching challenge through automation and a highly centralized approach. With the Secunia CSI 5.0, customers can see a complete view of their network’s software security from one centralized, easy to navigate dashboard. In addition, Secunia’s breakthrough integration with Microsoft Windows Server Update Services (WSUS) for easy patch distribution has been ramped up, enabling management of the entire program life-cycle. It is now possible to install, configure, uninstall, and even deploy non-security related updates through the Secunia CSI 5.0’s WSUS integration. “With these enhancements, there is no doubt that third party patch management has been further simplified, which is one of the key challenges within efficient patch management”, says Morten R. Stengaard, Product Manager at Secunia. Andrew Jaquith, CTO of Perimeter E-Security and a Secunia partner, agrees. “Keeping third-party software up to date is a key concern of enterprise CISOs. To keep ahead of evolving threats, enterprises must patch their operating systems and applications software, regardless of who makes it. Integration with WSUS is a real win for customers, and should make patch management processes much more complete and efficient.”
A cornerstone of the new Secunia CSI 5.0 is flexibility. Because no two companies are the same the Secunia CSI 5.0 has been designed to adapt to individual organizational needs so that customers can optimize their processes, improve management of their risks, and ultimately save money. “Every business has different patch management practices and needs, and therefore shouldn’t have to conform to solution restrictions, rather the solution should adapt to the needs of each business,” said Morten R. Stengaard. “The Secunia CSI 5.0 has been developed to give businesses worldwide exactly what they have asked for in a patch management solution. Flexibility and customization are words that epitomize version 5.0”, he concludes.
With the launch of the Secunia CSI 5.0, Secunia expands its platform coverage, offering cross-platform software inspection for both Microsoft Windows and Mac OS X. This is to accommodate the increasing consumerasitaion of IT that the market is experiencing. “At SEB we have a range of different endpoints, across platforms, driven by the preferences of our employees. It is now up to corporate IT to ensure that consumerisation does not compromise our security”, says Søren Vibe-Hansen.
Key features of the Secunia CSI 5.0 include:
Enhanced Microsoft WSUS integration:The Secunia CSI 5.0 simplifies third party patch management by integrating with Microsoft WSUS and SCCM for easy distribution, providing award-winning accuracy, and offering the industry’s largest coverage of programs from more than 2,000 third party vendors, delivered by the market’s most trusted source of vulnerability intelligence.
Supreme flexibility, customisation, & control: The updated design and enhanced modular reporting capabilities are inspired by the award-winning Secunia Vulnerability Intelligence Manager (VIM). Configure the data that you want including data from several uses. You set the limits on how far you wish to go.
Handle security for laptops: Enhanced integration with the Secunia Personal Software Inspector (PSI) enables you to have increased control of the laptops that employees carry with them outside the corporate network.
Cross-platform scanning: Apple Mac OS X: Scan your Apple Mac OS X and have the results displayed in the Secunia CSI 5.0 user interface. The new CSI Agent for Mac can be installed on the Mac host in both command line and “service” mode, in a similar way to the Windows version.
New API gateway to the Secunia database: Access and interact with all Secunia scan results, scan history, sites, and configuration settings. Write your own custom SQL queries, copy/export local database contents to 3rd party programs, and share any queries with the Secunia Community, etc.
Secunia Package System (SPS): Enjoy even greater integration with Microsoft WSUS and create customised packages in a simple way with the SPS wizard – control execution flow, add multiple files to the same update package, perform configuration changes, etc. Key features include full 32-bit and 64-bit support, language specific updates, and a flexible uninstall program function. It is now also possible to patch different languages.
The release of the Secunia CSI 5.0 comes on the heels of a one-month beta period, where more than 4,000 beta testers have provided valuable feedback and input. “Support from the Security community has been outstanding and is greatly appreciated. At Secunia we develop new products that are market-driven. It is essential to us that we receive the kind of support that we have experienced during this beta. The final Secunia CSI 5.0 solution is without doubt an even better product after the beta test”, says Morten R. Stengaard.
For an in-depth roundup of all new solution enhancements is included in the official changelog.
Watch Secunia’s Product Manager, Morten R. Stengaard present the Secunia CSI 5.0 here.
Pricing and Availability
The Secunia CSI 5.0 is available from the August 31st, 2011, and to celebrate the release, companies are invited to get a 30 day free trial to test the new features for themselves.
For more information, click here.
Secunia 2011: How to secure a moving target with limited resources.