Secunia CSI7
About us
Careers
Memberships
Newsroom
Contact us
Blog
News
Articles

Fighting Vulnerabilities

Get this blog as an RSS Feed
Since the inauguration of Secunia in 2002, we have offered a variety of free community services to aid you in staying secure online.
14:00 CET on the 13th February 2009
Entry written by Niels Henrik Rasmussen.

Hi,

Since the inauguration of Secunia in 2002, we have offered a variety of free community services to aid you in staying secure online.

Vulnerability Intelligence
For years we have provided the world's best advisories with verified vulnerability intelligence. The vulnerability intelligence is based on broad information gathering and a rigorous testing and verification procedure where some of the world's most skilled vulnerability researchers and security specialists continuously conduct research to reproduce the reported vulnerabilities.

Once the advisories have been published, we select the most critical ones affecting popular applications and initiate an even more thorough and in-depth analysis. This analysis is conducted by some of our reverse engineers and source code auditors. Their task is to gain an almost 100% understanding of the “inner workings” of each individual vulnerability.

Binary Analysis
When analysing the vulnerabilities the reverse engineers and source code auditors document programming errors and code that may affect the attack vector and exploitation. This analysis, including support files like PoCs, exploits, and PCAPs, is provided as part of our Binary Analysis service to IDS / IPS vendors, AV vendors, large enterprises, and governments.

Vulnerability Research
Secunia also puts a significant amount of resources into vulnerability research. Last year this resulted in Secunia being the most successful research company with a total of 68 vulnerabilities in significant software:
http://secunia.com/secunia_research/

PSI, OSI, and the community
Today, the most widely used free community effort by Secunia is the Secunia PSI with 1,1 million installations. The free Secunia PSI helps keeping private computer systems up-to-date with the latest security updates for all programs. Another 3.000 daily users keep the 70 most common programs up-to-date using the browser based Secunia OSI.

The Secunia PSI received a 5 of 5 rating by download.com and was selected as 1 of 101 fantastic freebees by PCWorld.

Developing, supporting, and promoting the use of Secunia PSI and OSI has a high priority at Secunia. Currently we employ 3 people, who focus solely on the PSI; other staff also spend significant resources on development and management of the Secunia PSI project.

The Secunia PSI and OSI are also backed by an active online community where users can get support and help with updating software and other security related issues. In 2009, we will also be inviting the community to help translating and supporting the Secunia PSI in even more languages like we did with the first community translation to Spanish in December 2008.

The free Secunia PSI and Secunia OSI solutions utilise the same technology and the same Vulnerability Intelligence as the business edition. This combination of technology and intelligence allows easy and reliable tracking of thousands of missing security updates, end-of-life programs, as well as up-to-date software for users.

The future
In the current turmoil of the global financial crisis, you can rest assured that Secunia will continue to provide the world's best software security update tool and vulnerability information free of charge to the community for use on private systems as well as conduct vulnerability research. We will, however, also seek to optimise our business to ensure that Secunia remain a sound and healthy business that can continue to afford investing in the community by charging businesses and governments for their use of our services and solutions on their systems.

Stay Secure,

Niels Henrik Rasmussen
CEO

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.
Subject: Fighting Vulnerabilities
 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability