Secunia, the leading provider of IT security solutions that enable businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the next generation of its flagship solution the Secunia Corporate Software Inspector (CSI) version 6.0. The new solution provides customers with the unique ability to understand and evaluate their entire threat landscape, identify exactly where application vulnerabilities exist and how best to prioritize and implement remediation efforts, all whilst leveraging and maximizing existing security investments in current Client Management (CM), Security Information & Event Management (SIEM), and Governance, Risk & Compliance (GRC) tools.
“The overall mission of the Secunia CSI 6.0 has been to empower our customers and their current infrastructure, while providing them with the best of breed vulnerability intelligence, scanning, and pre-created patch packages. We have therefore focused on developing the Secunia CSI’s integration capabilities, making the Secunia CSI 6.0 a much more useful and extensive Vulnerability and Patch Management tool”, said Morten R. Stengaard, Director of Product Management and Quality Assurance at Secunia.
Companies that do not have a complete overview of what is installed across laptops, PCs, and servers, and the security state of these programs, are at a disadvantage as it becomes impossible to prioritize remediation efforts and efficiently managing the environment to reduce risk and increase the security state – and the vulnerability threat landscape is intensifying. “In 2011, Secunia identified more than 800 end-point vulnerabilities, of which more than 50% were rated as highly or extremely critical (exploitable from remote), and 78% of all vulnerabilities affected non-Microsoft programs; that is, a greater, more critical, and more diverse vulnerability exposure that faces companies”, said Stengaard.
The Secunia CSI provides the reliable, comprehensive, and up-to-date vulnerability intelligence and highly accurate scan results needed by IT-operations and security teams to deal with these vulnerabilities. By combining these two capabilities with automated patch creation and integration, the intelligence becomes actionable in a CM, SIEM, and GRC perspective and more cost effective. ”Simply put, we have designed the new Secunia CSI to help our customers realize a better return on those investments while at the same time improving their security level”, said Stengaard.
The Secunia CSI 6.0 is the next ‘push’ from Secunia towards enabling companies to take their IT-security to a higher level, a development which is directly attributed to the on-going dialogue and feedback from customers. Among the most important new features is the updated vulnerability scanner that covers more operating platforms (Windows, Mac OSX, and Red Hat Enterprise Linux, (RHEL)), as well as the ability to scan for custom software throughout the environment, with updates being created using the Secunia Package System (SPS) and deployed with existing deployment solutions. With expanded coverage, organizations are armed with the information, responsiveness, and protection needed to ensure business continuity and minimize business damage.
Further, the new easy integration with preferred deployment solutions such as Microsoft Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager (SCCM), Altiris Deployment Solution, as well as any other third-party configuration management tools allows for easy installation of third-party updates, making patching a simple and straight-forward process for all IT departments. In the cases where regulatory compliance is of concern (e.g. the PCI-DSS or NERC-CIP standards), Secunia CSI 6.0 allows enterprises to have a clear picture of the programs and vulnerabilities that exist in the environment, including how critical they are and how long they have existed. And with the new Scheduled Data Export function, Secunia CSI can also integrate with any preferred Government Risk and Compliance (GRC) solution, allowing users to further utilise their existing solutions to improve security and compliance.
Currently more than 1,000 enterprises worldwide from industries such as financial services, healthcare, government, education and energy rely on Secunia CSI for the protection of their endpoints and networks against cyber threats and attacks. The new Secunia CSI 6.0 is a tool that tailors to both SMBs and Enterprises, however, with a number of the new features addressing the particular pain points experienced by the enterprise customers:
New Features of Secunia CSI 6.0
• Custom Scan Rules
Create and maintain custom rules for scanning customer created programs, drivers, and plugins.
• Scanning Red Hat Enterprise Linux (RHEL)
View and export the RHEL inventory in the Secunia CSI after being processed by Secunia Detection/Version Rules.
• Improved SCCM Integration
Scan and display hosts connected to the upstream SCCM. Scan results are obtained from the data collected by the SCCM software inventory agent, which avoids the need to install the Secunia CSI agent on each client.
• Secunia Advisories
View all advisories relevant to Insecure or End-of-Life products in the user’s environment. The user can click a SAID (Secunia Advisory ID) to view a detailed description of the advisory.
• Smart Groups
Configure Smart Groups based on a wide variety of criteria to help prioritize remediation efforts and stay secure and compliant by allowing the user to filter and segment their data.
• Smart Group Notifications
Create and configure reminders, notifications, and alerts for a Smart Group based on the current state or changes to a group.
Automatically extract and transfer data using export schedules (for example, daily) from the Secunia CSI into Security Information & Event Management (SIEM) solutions and reporting tools.
• Third-party Integration for Patching
Publish packages using third-party patch deployment solutions, for example Altiris.
• Active Directory Integration
Automatically update organisational units and structure in the Secunia CSI when changes are made to the Active Directory.
• Activity Log
View information about all user activity within the Secunia CSI.
• VIM Integration
View and manage the VIM accounts that have been verified and integrated with the Secunia CSI and create Asset Lists for the integrated VIM accounts. The Asset Lists are updated automatically with the Secunia CSI scan results.
• IP Access Management
Configure the IP addresses the Secunia CSI console can be accessed from.
• F1 Help
Press F1 to open a help topic associated with the currently selected window in the Secunia CSI or click Help at the top of the window to view all CSI help topics.
“Cybercriminals know that the complexity to stay secure will always leave numerous users with inadequately patched PCs which are easy to exploit,” say Stengaard. “We must not allow their job to be easy.”
The Secunia CSI 6.0 is available from today and can be requested as a free trial at secunia.com/.