Cybercriminals know that the complexity to stay secure will always leave numerous users with inadequately patched PCs which are easy to exploit. We must not allow their job to be easy.
COPENHAGEN, DENMARK (PRWEB) August 30, 2012
Secunia, the leading provider of IT security solutions that enable businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the next generation of its flagship solution the Secunia Corporate Software Inspector (CSI) version 6.0. The new solution provides customers with the unique ability to understand and evaluate their entire threat landscape, identify exactly where application vulnerabilities exist and how best to prioritize and implement remediation efforts, all whilst leveraging and maximizing existing security investments in current Client Management (CM), Security Information & Event Management (SIEM), and Governance, Risk & Compliance (GRC) tools.
“The overall mission of the Secunia CSI 6.0 has been to empower our customers and their current infrastructure, while providing them with the best of breed vulnerability intelligence, scanning, and pre-created patch packages. We have therefore focused on developing the Secunia CSI’s integration capabilities, making the Secunia CSI 6.0 a much more useful and extensive Vulnerability and Patch Management tool”, said Morten R. Stengaard, Director of Product Management and Quality Assurance at Secunia.
Companies that do not have a complete overview of what is installed across laptops, PCs, and servers, and the security state of these programs, are at a disadvantage as it becomes impossible to prioritize remediation efforts and efficiently managing the environment to reduce risk and increase the security state – and the vulnerability threat landscape is intensifying. “In 2011, Secunia identified more than 800 end-point vulnerabilities, of which more than 50% were rated as highly or extremely critical (exploitable from remote), and 78% of all vulnerabilities affected non-Microsoft programs; that is, a greater, more critical, and more diverse vulnerability exposure that faces companies”, said Stengaard.
The Secunia CSI provides the reliable, comprehensive, and up-to-date vulnerability intelligence and highly accurate scan results needed by IT-operations and security teams to deal with these vulnerabilities. By combining these two capabilities with automated patch creation and integration, the intelligence becomes actionable in a CM, SIEM, and GRC perspective and more cost effective. ”Simply put, we have designed the new Secunia CSI to help our customers realize a better return on those investments while at the same time improving their security level”, said Stengaard.
The Secunia CSI 6.0 is the next ‘push’ from Secunia towards enabling companies to take their IT-security to a higher level, a development which is directly attributed to the on-going dialogue and feedback from customers. Among the most important new features is the updated vulnerability scanner that covers more operating platforms (Windows, Mac OSX, and Red Hat Enterprise Linux, (RHEL)), as well as the ability to scan for custom software throughout the environment, with updates being created using the Secunia Package System (SPS) and deployed with existing deployment solutions. With expanded coverage, organizations are armed with the information, responsiveness, and protection needed to ensure business continuity and minimize business damage.
Further, the new easy integration with preferred deployment solutions such as Microsoft Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager (SCCM), Altiris Deployment Solution, as well as any other third-party configuration management tools allows for easy installation of third-party updates, making patching a simple and straight-forward process for all IT departments. In the cases where regulatory compliance is of concern (e.g. the PCI-DSS or NERC-CIP standards), Secunia CSI 6.0 allows enterprises to have a clear picture of the programs and vulnerabilities that exist in the environment, including how critical they are and how long they have existed. And with the new Scheduled Date Export function, Secunia CSI can also integrate with any preferred Government Risk and Compliance (GRC) solution, allowing users to further utilise their existing solutions to improve security and compliance.
Currently more than 1,000 enterprises worldwide from industries such as financial services, healthcare, government, education and energy rely on Secunia CSI for the protection of their endpoints and networks against cyber threats and attacks. The new Secunia CSI 6.0 is a tool that tailors to both SMBs and Enterprises, however, with a number of the new features addressing the particular pain points experienced by the enterprise customers:
New Features of Secunia CSI 6.0
Custom Scan Rules
Create and maintain custom rules for scanning customer created programs, drivers, and plugins.
Scanning Red Hat Enterprise Linux (RHEL)
View and export the RHEL inventory in the Secunia CSI after being processed by Secunia Detection/Version Rules.
Improved SCCM Integration
Scan and display hosts connected to the upstream SCCM. Scan results are obtained from the data collected by the SCCM software inventory agent, which avoids the need to install the Secunia CSI agent on each client.
View all advisories relevant to Insecure or End-of-Life products in the user’s environment. The user can click a SAID (Secunia Advisory ID) to view a detailed description of the advisory.
Configure Smart Groups based on a wide variety of criteria to help prioritize remediation efforts and stay secure and compliant by allowing the user to filter and segment their data.
Smart Group Notifications
Create and configure reminders, notifications, and alerts for a Smart Group based on the current state or changes to a group.
Automatically extract and transfer data using export schedules (for example, daily) from the Secunia CSI into Security Information & Event Management (SIEM) solutions and reporting tools.
Third-party Integration for Patching
Publish packages using third-party patch deployment solutions, for example Altiris.
Active Directory Integration
Automatically update organisational units and structure in the Secunia CSI when changes are made to the Active Directory.
View information about all user activity within the Secunia CSI.
View and manage the VIM accounts that have been verified and integrated with the Secunia CSI and create Asset Lists for the integrated VIM accounts. The Asset Lists are updated automatically with the Secunia CSI scan results.
IP Access Management
Configure the IP addresses the Secunia CSI console can be accessed from.
Press F1 to open a help topic associated with the currently selected window in the Secunia CSI or click Help at the top of the window to view all CSI help topics.
“Cybercriminals know that the complexity to stay secure will always leave numerous users with inadequately patched PCs which are easy to exploit,” say Stengaard. “We must not allow their job to be easy.”
The Secunia CSI 6.0 is available from today and can be requested as a free trial here: http://secunia.com/vulnerability_scanning/corporate/trial/
Note to Editors
Background to CSI 6.0 GA & Vulnerabilities
A reviewer’s guide is available for the CSI 6.0 here [http://secunia.com/?action=fetch&filename=Secunia_CSI_6.0_Reviewers_Guide.pdf .
Two videos on the Secunia CSI 6.0 will be available: (1) Secunia CSI 6.0 – Enhanced Integration with MS SCCM 2012 (http://youtu.be/peyejY5090s) and (2) Using the SDK to integrate Altiris Patch Deployment solution http://youtu.be/8KleR0ob0Sk.
According to Secunia’s latest Yearly Report - http://secunia.com/company/2011_yearly_report - the number of end-point vulnerabilities increased once again in 2011 to over 800 vulnerabilities – a tripling within only a few years - more than half of which were rated by Secunia as either ‘Highly’ or ‘Extremely critical’. Patching insecure programs helps safeguard data and PC against cybercriminals. These cybercriminals are increasingly targeting private PCs. Their entry points are vulnerabilities in popular non-Microsoft programs, which are exploited and used as a gateway to compromise PCs and access confidential data such as passwords, online profiles, and bank details. Attacks exploiting vulnerable programs and plug-ins are often not blocked by traditional anti-virus.
A vulnerability is a software error which can be exploited with a security impact and gain. Vulnerabilities allow criminals to gain control over systems and perform actions ranging from stealing sensitive information (such as credit card numbers, passwords, and personal documents) to automatic installation of viruses, Trojans, keyloggers, and other types of malware. Vulnerabilities can affect all applications installed on a computer, including the operating system.
The only real solution to avoid becoming a victim of a hacker exploiting vulnerabilities is to install the latest security updates that the vendor of the program has released. As new vulnerabilities are found regularly, it is important to scan for vulnerabilities on a regular basis.
Founded in 2002, Secunia is the leading provider of IT security solutions that help businesses and private individuals globally manage and control vulnerability threats, risks across their networks, and end-points. This is enabled by Secunia’s award-winning Vulnerability Intelligence, Vulnerability Assessment, and Patch Management solutions that ensure optimal and cost-effective protection of critical information assets.
Secunia plays an important role in the IT security ecosystem, and is the preferred supplier for enterprises and government agencies worldwide, counting Fortune 500 and Global 2000 businesses among its customer base. Secunia has operations in North America, the UK, and the Middle East, and is headquartered in Copenhagen, Denmark.
For more information, please visit secunia.com