Secunia released Secunia Corporate Software Inspector 7.0, which introduces new features and improvements for vulnerability and patch management.
The foundation of the Secunia CSI is a combination of vulnerability intelligence and vulnerability scanning, with patch creation and patch deployment integration. The Secunia CSI integrates with Microsoft WSUS and System Center 2012 and third-party configuration management tools for easy deployment of third-party updates, making patching a simple and straight-forward process for all IT departments.
It comes with these new and improved features:
Smart Groups 2.0: Create Smart Groups designed to prioritize remediation efforts by filtering and segmenting data based on hosts, products or impact, and to receive alerts when a threat is detected.
User Management: Create user accounts with different roles and permissions.
Patch Configuration: Get configurable patches out-of-the-box that can be easily customized to support your environment, for example to avoid desktop shortcuts or to disable auto-update for a program.
Web Console (SaaS): Log in to the Secunia CSI from an internet browser for instant access to your data and reports – anywhere, at any time.
Password Policy Configuration: Determine and enforce the global password policy for your organization to comply with internal and external policies, as well as to meet best-practice standards in your industry.
Live updates: Get an immediate overview of how a new vulnerability affects your infrastructure as soon as the advisory has been released by Secunia Research, based on your latest scan results.
PSI for Android: Scan Android devices for vulnerabilities with the Secunia PSI for Android, and integrate it with the Secunia CSI to support your BYOD policy.
Secunia SC2012 Plugin 2.0: For CSI integration with Microsoft System Center 2012. This add-on makes it possible to deploy all third-party updates directly in Microsoft System Center 2012.
Zero-Day Vulnerability Support: This add-on includes SMS or email alerts whenever a new zero-day vulnerability is discovered that affects the particular IT infrastructure. It is designed for organizations that have a sufficiently sophisticated security apparatus to enable them to act on the zero-day threat intelligence.