Secunia Corporate Software Inspector (CSI) 5.

0
- Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X

Prevent the security domino effect in your IT infrastructure

Simplify your 3rd party Patch Management

Introduction
The Secunia CSI is an authenticated vulnerability and patch scanner which identifies installed programs and missing security patches. It integrates with Microsoft WSUS & Microsoft SCCM for easy deployment of 3rd party updates, making patching a simple and straightforward process for all IT departments. Furthermore, the Secunia Personal Software Inspector (PSI) now integrates with the Secunia CSI, giving administrators access to scan results from the PCs that are not directly under their control. These results can aid the administrators in devising and implementing a more comprehensive security policy in an efficient manner. Patching vulnerable programs, and in particular 3rd party programs, is a cumbersome and resource-demanding process, causing many enterprises to either neglect patching or only patch a few non-Microsoft programs. However, unpatched programs in a network open doors to threats and security breaches, which can be potentially devastating for an organisation in terms of loss of money, public image, customer trust, time, and market opportunities. Typical Vulnerability Management challenges faced by IT operations are: How to protect the IT infrastructure more effectively? How to make sure that the network does not have any installed programs with missing patches? How to accomplish this without using vast amounts of time and effort checking numerous vendor sites for program updates? The Secunia CSI is a revolutionary tool that simplifies the troublesome area of identifying vulnerable programs and patching them. By scanning the network with the Secunia CSI, organisations can effectively protect their corporate IT infrastructure against the threat posed by unpatched vulnerabilities. With the Secunia CSI, keeping your network secure has never been easier.
*Secunia Personal Software Inspector (PSI)

Whats new in 5.0?

Scanning of Apple Mac OS X A fully customisable reporting module Flexible packages for patching & configuring hosts, set to your specific criteria Enhanced integration with the Secunia PSI* Access to the underlying Secunia database

Indiana University deployed the Secunia Corporate Software Inspector (CSI) to mitigate the risks of software vulnerabilities on its ~250,000 network devices spread across the universitys eight campuses. Our students, faculty, and staff use the Secunia Personal Software Inspector (PSI) and CSI to protect their computers and data... Its extensive coverage of programs gives us a clear picture of all the software installed in our network, enabling us to easily identify vulnerable or dangerous programs.
Jonathan Sweeny, Incident Response Manager, Lead Security Analyst,
Office of the VP for Information Technology

secunia.com

Authenticated Vulnerability Scanning Technology

The Secunia CSI provides non-intrusive authenticated vulnerability and patch scanning. It takes a different approach compared to other scanners by conducting authenticated scans of systems. This makes it possible for the Secunia CSI to identify all installed programs and plug-ins based on the actual files present on the system. The Secunia CSI then correlates program meta data with Secunias comprehensive product database to build an inventory of the installed programs and plug-ins. This inventory is then correlated with vulnerability meta data based on Secunia Vulnerability Intelligence. The accuracy of this approach is unprecedented and provides actionable results with risk ratings and other metrics based on Secunia Advisories. Scan results The scan results of the Secunia CSI provide details about the full installation path, version details, direct links to patches, ratings, and access to Secunia Advisories with further vulnerability details and metrics as well as other useful information for alternative mitigation strategies. Based on the details collected by the Secunia CSI, as well as the experts working behind the scenes at Secunia, it is possible to use the Secunia CSI to automatically repackage a large amount of patches for direct deployment and management using Microsoft WSUS and Microsoft SCCM. The scanning also detects and reports end-of-life programs and plug-ins. This is software which for some reason is not supported by the vendor. Software which has reached end-of-life should not be used due to a lack of vulnerability information about these products, and because the vendors will not be providing security updates. The Secunia CSI also lists all the programs and plug-ins which are patched and up-to-date. This can be used to verify that patches have been properly applied and that old insecure versions have been removed. It can also be used as a valuable and highly accurate supplement to other asset and license management tools. Many customers also use it to track the installation of non-approved programs and plug-ins. Flexible deployment The Secunia CSI offers various deployment options designed to suit your environment: Agent-less scanning of your systems can be performed out-of-the box. When running agent-less, the Secunia CSI utilises standard Windows networking services to scan the systems on your network. The agents can also be automatically deployed through the Microsoft WSUS/SCCM integration. Agent-based deployment is more flexible. It can be used in segmented networks and to scan systems that are not always online (e.g. laptops). The agents can also be automatically deployed through the Microsoft WSUS/SCCM integration. Appliance mode offers agent-less scanning from centralised hosts; in branch offices for example. CLI mode makes it possible to schedule and manage scans using other tools (e.g. log-on scripts).

The Secunia CSI scans computers in your network from a central location

EXE

OCX

DLL

It scans all executables, including EXE, OCX, and DLL files using the Secunia File Signatures
EXE
EXE OCX

OCX
DLL

DLL

EXE

OCX

DLL

EXE

OCX

DLL

All scan results are fed into the central management console for easier analysis

AProgram 1.0 BProgram 1.0 CProgram 3.0 DProgram 2.0 EProgram 1.0

AProgram 1.0 BProgram 1.0 CProgram 3.0 DProgram 2.0

EProgram 1.0

The Secunia CSI tells you which version to update

AProgram 1.0

AProgram 1.0 1.0 BProgram 1.0 BProgram

CProgram CProgram 3.0 BProgram 1.0 3.0

AProgram 1.0

BProgram BProgram 1.0

Secunia Secunia Advisory DProgram 2.1 EProgram 1.0

AProgram 1.2

AProgram 1.2

AProgram1.0 1.2

CProgram 3.0 CProgram 1.0 BProgram 3.0

DProgram CProgram 3.0 2.0 EProgram DProgram 2.0 1.0 AProgram 1.0
EProgram 1.0

DProgram 2.0

EProgram 1.0 1.0 BProgram

CProgram 1.0 AProgram 3.0

Secunia Advisory

Advisory

DProgram 3.0 CProgram 2.1 EProgram 2.1 DProgram1.0 AProgram 1.2

EProgram 1.0 BProgram 1.0

CProgram 3.0 AProgram 1.2

Advisory Automatic 1.0 EProgram 3.0 CProgram repackaging DProgram 2.0 EProgram 1.0 Secunia Advisory

DProgram 1.0 BProgram 2.0

Secunia

DProgram 1.0 BProgram 2.1 EProgram 1.0 CProgram 3.0 DProgram 2.1 EProgram 1.0

AProgram 1.2

Patch A

DProgram 2.1 1.2 AProgram

Patch B

Patch A

AProgram 1.2 DProgram 2.1

Patch A Patch B

DProgram 2.1 Patch deployment

Patch B

a) Deployment Using Microsoft WSUS

Approval Approval
Approval Approval Approval Approval

WSUS
WSUS WSUS WSUS WSUS

SCCM b) Deployment Using Microsoft SCCM

Upload Upload Upload Upload SCCM SCCM SCCM

Upload Upload

SCCM

secunia.com

Microsoft WSUS Integration

The Secunia CSI integrates seamlessly with Microsoft Windows Server Update Services (WSUS) for easy deployment of 3rd party updates. This makes installing updates simple and straightforward due to the automatic repackaging feature and the Microsoft WSUS distribution management functionality in the Secunia CSI. The Secunia CSI provides simple methods for repackaging and publishing patches for distribution via Microsoft WSUS. It can literally be conducted with a few simple steps: Select insecure programs to patch The Secunia CSI automatically repackages and publishes patches to Microsoft WSUS Approve and manage distribution Track deployment status

Apple Mac Scanning

With the Secunia CSI it is now possible to scan Apple Mac OS X and have the scan results displayed in the Secunia CSIs user interface. The new Secunia CSI Agent for Mac is available for download from the Download Local Agent page within the Secunia CSI. The new agent can be installed on the Mac host in both command line and service mode, in a similar way to how the Windows equivalent works.

Microsoft SCCM Integration

The Secunia CSI integrates seamlessly with Microsoft System Center Configuration Manager (SCCM) 2007 to help you stay compliant and up-to-date with the latest security updates from 3rd party vendors and Microsoft. The Secunia CSI adds a critical security aspect to the Software Update Management and Asset Intelligence capabilities of Microsoft SCCM. While Microsoft SCCM offers many great features in order to configure and manage servers and desktops, Microsoft SCCM lacks the specialised capabilities within software inventory mapping and security intelligence related to software. The Secunia CSI provides highly detailed software inventory including both programs and plug-ins. This inventory is then mapped to security intelligence related to the individual programs and plug-ins as well as details about vendor supplied security updates. The Secunia CSI can automatically repackage these security updates/patches and push them to Microsoft SCCM, allowing you to control, manage, and monitor deployment using Microsoft SCCM. The Secunia CSI can further conduct scans of desktop and server systems to ensure that the updates are applied correctly and that all systems are fully compliant.

Secunia PSI Integration

The Secunia PSI is a free security tool designed to detect vulnerable and outdated programs and plug-ins, which expose your PC to attacks. Once installed, the Secunia PSI can help you patch vulnerable programs and stay secure. The Auto Update feature enables the Secunia PSI to automatically detect insecure programs on the PC, download the required patches, and install them accordingly without user interaction. In addition, the Secunia PSI integrates with the Secunia CSI, making it possible to report its local scan results to the centralised Secunia CSI dashboard. These features help the administrators in organisations better understand the security status of PC users that occasionally connect to their corporate networks. This integration is especially useful for administrators in educational institutions, where they do not have control or access to students connecting to the universitys/campus network from their PCs. By encouraging these users to install the Secunia PSI on their PCs, the administrators can get a better overview of both internal and external vulnerability threats, and take the necessary measures to protect their networks.

IT Administrator

"Secunias Scanning & Patch Management Solutions are designed to help organisations of all sizes improve their protection"
Frost & Sullivan 2011 Market Penetration Leadership Award

secunia.com

Flexible & Scalable Reporting

The Secunia CSIs customisable dashboard gives you a complete overview of the security and compliance state of your entire corporate network, enabling you to access and organise all data and results from a single location. Key features include: Detailed status reports on all the patched, insecure, and end-of-life programs Significantly improved performance and reporting capabilities, accommodating thousands of hosts Support for the documentation needs of both management and different user groups across the enterprise Scheduling to automatically generate reports at predefined time intervals Ability to receive the reports via e-mail, instead of manually generating them when needed

Summary of Features
Non-intrusive authenticated vulnerability and patch scanning with unprecedented accuracy Covers programs and plug-ins from thousands of vendors Scans 3rd party apps on PCs and Macs Reports the security status for each program Reports the criticality rating for each insecure program Reports end-of-life programs Identifies missing patches Automated patch repackaging Integration with Microsoft WSUS & SCCM for easy patch distribution and extensive Patch Management Install, configure, uninstall, and deploy updates with the Secunia Package System (SPS) Enhanced integration with the Secunia PSI Powerful scheduling features, enabling automatic report generation Ability to disallow the scanning of file locations

Benefits
The Secunia CSI enables IT security departments to gain a complete overview of their corporate networks by: Conducting cross-platform scanning Pinpointing the exact vulnerabilities affecting the network Providing in-depth details about vulnerabilities Simplifying the patching of vulnerabilities Enabling you to secure your off-site assets Sending e-mail alerts upon any changes in the network The Secunia CSI provides organisations with improved responsiveness and protection, thereby ensuring business continuity and minimising business damage.

The Ultimate Companion

The Secunia CSI takes information accuracy to a completely new level, keeping you up-to-date, regarding vulnerabilities in installed applications. The Secunia CSI saves us a significant amount of time and reduces the risk of overlooking vulnerable applications, thereby increasing the overall security
Dr. Sattler, IT Security Officer ER Schiffart GmbH

You save both time and resources when handling 5.0 vulnerabilities, as the Secunia CSI instantly maps your IT infrastructure, and provides you with guidance on remediation and upgrades using Microsoft WSUS & Microsoft SCCM.The Secunia CSI keeps track of all security issues, telling you what you need to know, when you want to know it, and how to remediate it, all in one go.
2.0 Contact sales@secunia.com for more information.

secunia.com

Example: Patch Deployment using Microsoft WSUS

Figure 1. List of all patches available for deployment

Figure 2. Selection of insecure programs for patching

Figure 3. Approval of automatic patching using Microsoft WSUS

Figure 4. Overview of the patch status of each computer

secunia.com