Respond faster to potential security breaches in the most cost-effective way

Vulnerability Intelligence, Scanning, & Patch Management options to suit all infrastructures

You want to optimise the way in which you handle emerging vulnerability threats, however you are not completely sure which technology option is best for your organisation. Does this scenario sound familiar?

Having a transparent overview of all your installed third (3rd) party programs and plug-ins enables you to have a real-time snapshot of vulnerability threats at all times. Leveraging reliable Vulnerability Intelligence, for example, means that you can take pre-emptive action to avoid security breaches and document remediation strategies for future use.

Aligning processes – such as utilising third party Scanning & Patch Management solutions that integrate with Microsoft WSUS & SCCM for example – further enhances your ability to manage vulnerability threats from all angles.

Whatever technology is right for you – the result is the same: adopting a tactical and automated approach to handling vulnerabilities will boost your internet security, network security, and endpoint security. Adhering to IT security best practices and policies can also help with security audits and compliance audits.

Vulnerability Intelligence

Vulnerability intelligence maps the entire vulnerability lifecycle so that vulnerabilities can be rapidly identified and tracked, and therefore pre-emptive action can be taken to remediate threats. Having a transparent overview of all vulnerability threats aids security audits and compliance audits as part of overall risk management.

Secunia’s vulnerability intelligence feed is the one-source solution that provides multiple people within large IT security departments with all the relevant threat intelligence they require. Leveraging the industry’s most extensive and reliable source of threat intelligence – declared "CVE Compatible" by The Mitre Corporation – enables optimised vulnerability management, vulnerability assessment, and intrusion prevention.

Exploit definitions are provided by Secunia’s criticality ratings, which are commonly used as industry standards. The database of Secunia’s award-winning vulnerability intelligence is updated with daily advisories by Secunia’s renowned Research Team. This vulnerability intelligence is easy to access using e-mail or by loading the data into an internal database or application using XML.

Scanning

The unique security scanner of the Secunia Corporate Software Inspector (CSI) takes a different approach compared to other scanners. It conducts non-intrusive authenticated vulnerability and patch scanning, making it possible to identify all installed programs and plug-ins based on the actual files present on your system. Program meta data is correlated with Secunia's comprehensive product database to build an inventory of the installed programs and plug-ins, which is then further correlated with vulnerability meta data based on Secunia Vulnerability Intelligence. The accuracy of this approach is unprecedented and provides actionable results with risk ratings and other metrics based on Secunia Advisories.

Based on the details collected by the Secunia CSI, as well as the experts working behind the scenes at Secunia, it is possible to use the Secunia CSI to automatically repackage a large amount of patches for direct deployment and management using Microsoft WSUS and Microsoft SCCM. The scanning provides a transparent overview of programs and plug-ins, so that you can clearly see which have end-of-life status and which are patched and up-to-date.

The Secunia CSI offers flexible, agent-less deployment options to suit every infrastructure. The scan results of the Secunia CSI provide critical vulnerability details so that you can plan alternative mitigation strategies, thereby enhancing your network security, endpoint protection, and internet security. Such details include information about the full installation path, version details, links to patches, ratings, and access to Secunia Advisories.

Patch Management

A patch is a security update which is designed to fix vulnerabilities in applications and plug-ins. Patch Management is therefore the strategy and process used to determine what patches should be applied to which applications, and when. Implementing Patch Management best practices such as a tactical, integrated, and automated approach to handling vulnerabilities can boost your internet security, network security, and endpoint security. Successful Patch Management policies can also help with security audits and compliance audits.

The number of vulnerabilities affecting a typical end-point are rising considerably, with third (3rd) party programs primarily responsible for this trend – research revealed that third party programs have 3.83 times more vulnerabilities than Microsoft programs.* Therefore, a Patch Management policy for your third party programs should sit seamlessly alongside your Microsoft Patch Management process.

That is why the Secunia Corporate Software Inspector (CSI) – our award-winning automated Patch Management tool – integrates with Microsoft WSUS & Microsoft SCCM for easy deployment of third party updates. Its authenticated vulnerability and patch scanner identifies installed programs and missing security patches, thereby making patching a simple and straightforward process for all IT departments. Secunia also has Patch Management tools for private individuals: the Secunia Personal Software Inspector (PSI).