Scanning & Patch Management - Customer Testimonials

"We are convinced and very happy to use the Secunia CSI. Before using the Secunia CSI, fixing the security threats from vulnerable programs on a computer was time consuming and costly. And doing this had steadily become a full time job as the number of computers increased in our network.

Thanks to Secunia CSI, we are now in a comfortable position and simply update the software from various vendors via our Windows Update distribute server. This has reduced maintenance costs significantly, and the software packages can now be quickly deployed across all the computers in our network."

- Network Systems Administrator

"Open networks, heterogenic and partly individualised client infrastructures with different patch levels, combined with a few thousands users is a very typical situation for a universities IT infrastructure, which leaves hackers a lot of possibilities. To heighten the security of our IT environment, we, the server farm of the University of Augsburg (Universität Augsburg) has chosen the products CSI and PSI from the vendor Secunia.

The CSI is used for centrally managed IT environments, as for example in our PC pools for students – whereas the PSI is aimed at the decentrally managed units or individualised IT systems.

Because the area of 'Third-Party-Patch-Mangement' is totally new for us, and because we have started implementation of the Secunia products for the PC pools for students, we were dependant on the support and help from Secunia for the concept implementation and technical support.

In the first test scenario concerning “PC pools for students” Secunia was always ready to meet our wishes and needs – taking the existing server landscape into consideration. Also, because of the excellent technical support, Secunia was able to – in cooperation with us and other universities in Bavaria using these products - develop concepts and technical solutions which suit the specific character of the IT infrastructure of our university. During the process, Secunia was always focusing on the possibility to transfer the test environment concepts to the production environment."

"The Institute for Physical and Theoretical Chemistry at the University of Bonn allows its working groups to decide which software to use. Furthermore the research staff is free to a certain extent to use additional software. The maintenance of the resulting large diversity of installed programs is very time consuming. CSI offers the possibility to expand the automatic updating from Microsoft WSUS server also to lots of non-Microsoft applications. This does not only reduce the time needed for the maintenance of our Windows computers, but also increases the patch level considerably."

- IT Security & Operations Administrator "

"The Secunia CSI's database is my favourite feature. Most programs are represented here and the intelligence is updated daily. Grupo Unidad Editorial bought the solution because of it - it is the best in the market! The Secunia CSI's integration with Microsoft WSUS helps us to significantly improve our time and resource management so that we can focus on other priorities. There was no disruption or implementation involved.

The reporting in the Secunia CSI 5 is even better than the previous version as we can really customise the data for specific stakeholders/teams. This gives us a transparent, group-wide knowledge sharing process."

- Mario Trotta Moreu, CISSP, Chief Information Security Officer (CISO), Grupo Unidad Editorial "

"Thy-Mors Energy Service A/S has chosen Secunia’s CSI solution because Secunia is very professional in their approach to patch management. Thy-Mors Energy Service A/S has used Secunia CSI since version 3, and at the present moment we are using version 4.1.

The solution is easy to apply, and both the management interface and the client is some of the most stable software we have. The integration with Microsoft WSUS and the third party patch option is what makes it a smart solution.

Taken together, Secunia’s CSI solution provides an overview, which is among the best."

- Thomas Winther, IT-chef, Thy-Mors Energi Service A/S

"The main reason behind our decision to use the Secunia CSI is the need for an easier deployment of security patches for non-Microsoft products. We did not use Microsoft SCCM but only Microsoft WSUS for patch deployment. The only alternative to the Secunia CSI would have been a deployment of third-party patches with Microsoft SCCM. But then we wouldn't have the Secunia security database in the background.

The results of our investigation and use of the Secunia CSI matched our expectations. The most critical security vulnerabilities with client PC's are getting closed by now. Without the Secunia CSI, it was a considerable expense to deploy new versions with less security issues to all the clients."

- Arnold Straub, Business IT Specialist

"We wanted to identify what programs are installed on the users PC's and if they are updated. We have not looked at any other solution than the Secunia CSI. We found it to be easy to obtain information that we need, and thus the Secunia CSI fits to our expectations."

- Henk van Dongen, ICT Manager

"SANS uses both Secunia PSI and Secunia CSI to address software updates from both a user and an IT staff perspective. The Secunia PSI tool provides a visible tickler to the user that there are software updates that need to be applied to their computer. The Secunia CSI agent and management interface provides the IT staff the visibility into the current status of the users' computers to know if software updates are being applied or not."

- David Goldsmith, System Administrator

"Indiana University deployed the Secunia Corporate Software Inspector (CSI) to mitigate the risks of software vulnerabilities on its ~250,000 network devices spread across the university's eight campuses. Our students, faculty, and staff use the Secunia Personal Software Inspector (PSI) and CSI to protect their computers and data.

The Secunia CSI Enterprise gives me the ability to delegate tasks to the IT staff of different departments (i.e. Chemistry or Music). Its extensive coverage of programs gives us a clear picture of all the software installed in our network, enabling us to easily identify vulnerable or dangerous programs."

- Jonathan Sweeny, Incident Response Manager, Lead Security Analyst, Office of the VP for Information Technology, Indiana University

"The Secunia Corporate Software Inspector (CSI) offers great value for Niko Group to optimize the security patch policy.

There are 3 areas where the Secunia CSI plays an essential role in our organization:

1. Are the security updates installed correctly, and what is the security level for all our installed software packages? Deploying security updates takes place through another automated process where it is not always 100% sure if the updates were installed correctly. The Secunia CSI inspects which software is installed, and shows us immediately if it is patched correctly. In case the patch level is insufficient, a link to the website of the specific software will give us the right patch. After installation of this patch, the Secunia CSI will indicate during the next scan if the patched is installed correctly.

2. Which software products are patched insufficiently? The Secunia CSI thoroughly inspects all installed software modules and checks if they are the latest version. Not only Windows Updates but also numerous other software products are checked. There will be given a status if the security issue is critical or not. This allows us to easily focus on fixing the most critical issues.

3. The system is centrally managed, without any extra operational costs, and consists of good reporting options. The Secunia CSI's centrally managed console allows us to make scheduled scans easily and gives us a clear overview of all our computers and their status. The reporting module gives us a quick overview of the 'health status' of the computer network."

- Head of IT Security

"I first learned about the Software Inspector solutions by using the online version. When I found out that Secunia had released a network version, the CSI, I was quite enthusiastic – I felt that it would be something valuable I could use for our department.

I oversee about 315 computers in my department, and before the Secunia CSI, I had no idea what software our computers had and whether their users were patching them or not. All our computers are configured to run Windows Updates automatically, but we didn’t have anything for third-party software. With the CSI, I can monitor all kinds of software, not just the operating system.

The Secunia CSI has helped me to secure the network by making sure that I roll out the latest secure version for installed software. I like that it allows me to remotely scan computers so I don’t have to manually check each one if it has the latest patches. As a matter of fact, when I first scanned the network, I found out that there were some computers whose Windows Updates had not worked properly for the last few Patch Tuesdays. If I didn’t have the Secunia CSI, I never would have known."

- Unit Director, Information Technology Group

"We are running the Secunia CSI Agent on our laptops and user controlled desktops, as well as the usual centrally managed systems.

The Secunia CSI has given us a vast amount of information regarding 3rd party applications and how best to deal with them. We are all very pleased with the results, and it is allowing us to locate and prioritise which systems or applications need patching first.

All in all we are very pleased with the results. It has helped us to find many 3rd party applications which we were currently not looking to patch, thus leading to much tighter control and security on Windows systems."

- System Installation and Audit Responsible, Oxford University

"Before implementing the Secunia Corporate Software Inspector, vulnerability management used to be a tedious and time-consuming exercise for us, albeit an essential one. This was especially true in a hybrid software environment like ours, with applications installed both by various deployment tools and individually .

The Secunia CSI has helped us to automate many repetitive tasks such as inventorying software applications, monitoring security sources for relevant vulnerability announcements and verifying remediation after a patch has been deployed.

The Secunia CSI saves us a significant amount of time and reduces the risk of overlooking vulnerable applications, thereby increasing the overall security."

- IT Security Officer

"After implementing and scanning with the Secunia CSI 4.0 we concluded that our average security update level on software was near 80%. Soon after it became a "sport" to raise this level, and already after 14 days, we raised it to above 90%. What was remaining was an End-Of-Life version of Acrobat reader, and some unknown pieces of software. After handling these we are now "in just 3 weeks" very close to 100% average security update level on software."

- IT Administration Manager

"The partnership with Secunia fits well with CERT.PT's mission in promoting a global cybersecurity culture, an essential pillar of the national information society. Creating awareness for software patching for home users is at least as important as running anti-virus software, thus increasing the overall level of security for Internet users."