Scanning & Patch Management - CSI Customer Testimonials

“It was not easy to find a solution for our patch deployment. We have a Linux Server Infrastructure with Windows Clients. We had to find a solution that provides updates and patches, not only for Windows but also for installed software, and fits in our infrastructure. Secunia gave us the ability to use Microsoft's WSUS to deploy patches, updates. The software management possibilities are huge and showed us vulnerabilities caused of 3rd party software or unpatched clients, we didn't know before. We use Secunia a couple of months now and still find things to improve in our clientsoftware infrastructure.”

- Daniel Redl, IT Technician

Mölndal Energi AB was primarily looking for a way to get an overview of their third-party software in terms of missing security patches and deprecated software.

“What made us choose Secunia CSI was primarily the integration with Microsoft WSUS to deliver patches to third-party software. Microsoft WSUS is a product we already had in place and was used to working with. From the beginning, we thought we would have the most benefit from the patch engine, but it turned out to be the inventory. It's very valuable to get a complete overview of software security throughout the organization. It is truly impossible to manually maintain a complete view of all your software in terms of security vulnerabilities. Secunia CSI has helped us to gain total control over all of our software and ensured that we are able to act quickly when a new software vulnerability is discovered. All businesses would benefit from using this type of application.”

- Jonathan Hallberg, Security Technician

"Secunia is the only vendor of its size in the market providing the very important integration to SCCM, hence the existing patch processes can be merged and does not have to run separately. The integration ensure simplicity in regards to preparation, publishing and deployment of patches and installations.
As easy as it can be, couple of clicks and you are ready to focus your work at the processes."

- Lead System Engineer, Danfoss

Read the success story here

"We are convinced and very happy to use the Secunia CSI. Before using the Secunia CSI, fixing the security threats from vulnerable programs on a computer was time consuming and costly. And doing this had steadily become a full time job as the number of computers increased in our network.

Thanks to Secunia CSI, we are now in a comfortable position and simply update the software from various vendors via our Windows Update distribute server. This has reduced maintenance costs significantly, and the software packages can now be quickly deployed across all the computers in our network."

- Network Systems Administrator

"Open networks, heterogenic and partly individualised client infrastructures with different patch levels, combined with a few thousands users is a very typical situation for a universities IT infrastructure, which leaves hackers a lot of possibilities. To heighten the security of our IT environment, we, the server farm of the University of Augsburg (Universität Augsburg) has chosen the products CSI and PSI from the vendor Secunia.

The CSI is used for centrally managed IT environments, as for example in our PC pools for students – whereas the PSI is aimed at the decentrally managed units or individualised IT systems.

Because the area of 'Third-Party-Patch-Mangement' is totally new for us, and because we have started implementation of the Secunia products for the PC pools for students, we were dependant on the support and help from Secunia for the concept implementation and technical support.

In the first test scenario concerning “PC pools for students” Secunia was always ready to meet our wishes and needs – taking the existing server landscape into consideration. Also, because of the excellent technical support, Secunia was able to – in cooperation with us and other universities in Bavaria using these products - develop concepts and technical solutions which suit the specific character of the IT infrastructure of our university. During the process, Secunia was always focusing on the possibility to transfer the test environment concepts to the production environment."

"The Institute for Physical and Theoretical Chemistry at the University of Bonn allows its working groups to decide which software to use. Furthermore the research staff is free to a certain extent to use additional software. The maintenance of the resulting large diversity of installed programs is very time consuming. CSI offers the possibility to expand the automatic updating from Microsoft WSUS server also to lots of non-Microsoft applications. This does not only reduce the time needed for the maintenance of our Windows computers, but also increases the patch level considerably."

- IT Security & Operations Administrator

"The Secunia CSI's database is my favourite feature. Most programs are represented here and the intelligence is updated daily. Grupo Unidad Editorial bought the solution because of it - it is the best in the market! The Secunia CSI's integration with Microsoft WSUS helps us to significantly improve our time and resource management so that we can focus on other priorities. There was no disruption or implementation involved.

The reporting in the Secunia CSI 5 is even better than the previous version as we can really customise the data for specific stakeholders/teams. This gives us a transparent, group-wide knowledge sharing process."

- Mario Trotta Moreu, CISSP, Chief Information Security Officer (CISO), Grupo Unidad Editorial

"Thy-Mors Energy Service A/S has chosen Secunia’s CSI solution because Secunia is very professional in their approach to patch management. Thy-Mors Energy Service A/S has used Secunia CSI since version 3, and at the present moment we are using version 4.1.

The solution is easy to apply, and both the management interface and the client is some of the most stable software we have. The integration with Microsoft WSUS and the third party patch option is what makes it a smart solution.

Taken together, Secunia’s CSI solution provides an overview, which is among the best."

- Thomas Winther, IT-chef, Thy-Mors Energi Service A/S

"The main reason behind our decision to use the Secunia CSI is the need for an easier deployment of security patches for non-Microsoft products. We did not use Microsoft SCCM but only Microsoft WSUS for patch deployment. The only alternative to the Secunia CSI would have been a deployment of third-party patches with Microsoft SCCM. But then we wouldn't have the Secunia security database in the background.

The results of our investigation and use of the Secunia CSI matched our expectations. The most critical security vulnerabilities with client PC's are getting closed by now. Without the Secunia CSI, it was a considerable expense to deploy new versions with less security issues to all the clients."

- Arnold Straub, Business IT Specialist

"We wanted to identify what programs are installed on the users PC's and if they are updated. We have not looked at any other solution than the Secunia CSI. We found it to be easy to obtain information that we need, and thus the Secunia CSI fits to our expectations."

- Henk van Dongen, ICT Manager

"SANS is a very geographically diverse company with most employees working from home or on the road. The absence of a central network to which all computers are connected reduces the ability of a number of other management tools to have visibility into all of our corporate computer resources.

SANS uses both Secunia PSI and Secunia CSI to address software updates from both a user and an IT staff perspective. The Secunia PSI tool provides a visible tickler to the user that there are software updates that need to be applied to their computer. The Secunia CSI agent and management interface provides the IT staff the visibility into the current status of the users' computers to know if software updates are being applied or not."

- David Goldsmith, System Administrator

"Indiana University deployed the Secunia Corporate Software Inspector (CSI) to mitigate the risks of software vulnerabilities on its ~250,000 network devices spread across the university's eight campuses. Our students, faculty, and staff use the Secunia Personal Software Inspector (PSI) and CSI to protect their computers and data.

The Secunia CSI Enterprise gives me the ability to delegate tasks to the IT staff of different departments (i.e. Chemistry or Music). Its extensive coverage of programs gives us a clear picture of all the software installed in our network, enabling us to easily identify vulnerable or dangerous programs."

- Jonathan Sweeny, Incident Response Manager, Lead Security Analyst, Office of the VP for Information Technology, Indiana University

"The Secunia Corporate Software Inspector (CSI) offers great value for Niko Group to optimize the security patch policy.

There are 3 areas where the Secunia CSI plays an essential role in our organization:

1. Are the security updates installed correctly, and what is the security level for all our installed software packages? Deploying security updates takes place through another automated process where it is not always 100% sure if the updates were installed correctly. The Secunia CSI inspects which software is installed, and shows us immediately if it is patched correctly. In case the patch level is insufficient, a link to the website of the specific software will give us the right patch. After installation of this patch, the Secunia CSI will indicate during the next scan if the patched is installed correctly.

2. Which software products are patched insufficiently? The Secunia CSI thoroughly inspects all installed software modules and checks if they are the latest version. Not only Windows Updates but also numerous other software products are checked. There will be given a status if the security issue is critical or not. This allows us to easily focus on fixing the most critical issues.

3. The system is centrally managed, without any extra operational costs, and consists of good reporting options. The Secunia CSI's centrally managed console allows us to make scheduled scans easily and gives us a clear overview of all our computers and their status. The reporting module gives us a quick overview of the 'health status' of the computer network."

- Head of IT Security

"I first learned about the Software Inspector solutions by using the online version. When I found out that Secunia had released a network version, the CSI, I was quite enthusiastic – I felt that it would be something valuable I could use for our department.

I oversee about 315 computers in my department, and before the Secunia CSI, I had no idea what software our computers had and whether their users were patching them or not. All our computers are configured to run Windows Updates automatically, but we didn’t have anything for third-party software. With the CSI, I can monitor all kinds of software, not just the operating system.

The Secunia CSI has helped me to secure the network by making sure that I roll out the latest secure version for installed software. I like that it allows me to remotely scan computers so I don’t have to manually check each one if it has the latest patches. As a matter of fact, when I first scanned the network, I found out that there were some computers whose Windows Updates had not worked properly for the last few Patch Tuesdays. If I didn’t have the Secunia CSI, I never would have known."

- Unit Director, Information Technology Group

"We are running the Secunia CSI Agent on our laptops and user controlled desktops, as well as the usual centrally managed systems.

The Secunia CSI has given us a vast amount of information regarding 3rd party applications and how best to deal with them. We are all very pleased with the results, and it is allowing us to locate and prioritise which systems or applications need patching first.

All in all we are very pleased with the results. It has helped us to find many 3rd party applications which we were currently not looking to patch, thus leading to much tighter control and security on Windows systems."

- System Installation and Audit Responsible, Oxford University

"Before implementing the Secunia Corporate Software Inspector, vulnerability management used to be a tedious and time-consuming exercise for us, albeit an essential one. This was especially true in a hybrid software environment like ours, with applications installed both by various deployment tools and individually .

The Secunia CSI has helped us to automate many repetitive tasks such as inventorying software applications, monitoring security sources for relevant vulnerability announcements and verifying remediation after a patch has been deployed.

The Secunia CSI saves us a significant amount of time and reduces the risk of overlooking vulnerable applications, thereby increasing the overall security."

- IT Security Officer

"After implementing and scanning with the Secunia CSI 4.0 we concluded that our average security update level on software was near 80%. Soon after it became a "sport" to raise this level, and already after 14 days, we raised it to above 90%. What was remaining was an End-Of-Life version of Acrobat reader, and some unknown pieces of software. After handling these we are now "in just 3 weeks" very close to 100% average security update level on software."

- IT Administration Manager

"The partnership with Secunia fits well with CERT.PT's mission in promoting a global cybersecurity culture, an essential pillar of the national information society. Creating awareness for software patching for home users is at least as important as running anti-virus software, thus increasing the overall level of security for Internet users."