Secunia Corporate Software Inspector (CSI)
The Secunia CSI is an authenticated vulnerability and patch scanner which identifies installed programs and missing security patches:
- Non-intrusive authenticated vulnerability and patch scanning
- Covers programs and plug-ins from thousands of vendors
- Unprecedented accuracy, no more false positives
- Reports security status for each program
- Reports criticality rating for each insecure program
- Reports end-of-life programs
- Identifies missing patches
- Automated patch repackaging
- Integration with WSUS for easy patch distribution
- Integration with SCCM for extensive patch management
Secunia CSI takes a different approach than other scanners by conducting authenticated scans of systems. This makes it possible for the Secunia CSI to identify all installed programs and plug-ins based on the actual files present on the system.
Secunia CSI correlates program meta data with Secunia’s comprehensive product database to build an inventory of the installed programs and plug-ins. This inventory is in turn correlated with vulnerability meta data based on Secunia Vulnerability Intelligence. The accuracy of this approach is unprecedented and provides actionable results with risk ratings and other metrics based on Secunia Advisories.
The scan results of Secunia CSI provides details about the full installation path, version details, direct links to patches, ratings, access to Secunia Advisories with further vulnerability details and metrics as well as other useful information for alternative mitigation strategies.
Based on the details collected by Secunia CSI, as well as the experts working behind the scenes at Secunia, it is possible to use the Secunia CSI to automatically repackage a large amount of patches for direct deployment and management using Microsoft WSUS and Microsoft SCCM.
CSI also detects and reports end-of-life programs and plug-ins. Software which has reached end-of-life should not be used due to lack of vulnerability information about these products and that the vendors will not be providing security updates. Secunia CSI also lists all the programs and plug-ins which are patched and up-to-date. This can be used to verify that patches has been properly applied and that old insecure versions has been removed. It can also be used as a valuable and highly accurate supplement to other asset and license management tools, many customers also use it to track installation of non-approved programs and plug-ins.
The Secunia CSI offers different deployment options to suit your environment:
- Agent-less scanning of your systems can be performed out-of-the box.
- Agent-based deployment is more flexible and can be used in segmented networks and to scan systems that aren’t always online (e.g. laptops).
- Appliance mode offers “agent-less” scanning from centralised hosts in e.g. branch offices.
- CLI mode makes it possible to schedule and manage scans using other tools (e.g. log-on scripts).
