Many organisations have great patch management practices, but these are mainly concentrated on updating Microsoft OS and Microsoft applications, while neglecting third party applications. This means they could be missing over 80 percent of the vulnerabilities out there, according to new research by Shavlik.
Shavlik has announce the release of Shavlik Patch for Microsoft System Center 2.1. This is the second Shavlik Patch release this year, and it represents another step towards making third-party application patching within SCCM easy.
Most people are aware of what cloud computing has to offer, and the fact that scales easily and it provides access to data anytime and from anywhere. But how does it apply to Shavlik products? How are Shavlik products taking advantage of cloud computing in order to provide benefits to the customer?
Shavlik Protect 9.1 close to release, and Shavlik has shared some details about the release, which includes some useful enhancements and additions.
Paul Asadoorian Tenable, May 7, 2013: Ensuring that patches are applied to systems is a complex problem. Pinpointing those patches that must be applied to become current requires careful analysis. The new Nessus consolidated “Patch Report” plugin identifies which patches to apply to protect your systems.
Read this post →
Education environments have a large variety of tools and programs usually readily available from the internet. Supporting the tools and keeping your network safe is a large challenge!
Patch management using Shavlik supports agentless and agents based scans. Agentless scans and deployment is preferred by most. However, in places where you can’t perform agentless scan due to restriction of opening certain ports and starting certain services, agents can be used. Shavlik agent is fully self-contained, has a small footprint on the machine. There are a few things to take into note while using agents.
Secunia Press Release – 14 March 2013: 86% of vulnerabilities discovered in the most popular 50 programs in 2012 were in non-Microsoft (or “third-party”) programs. The result was published today in the Secunia Vulnerability Review 2013. Secunia is a leading provider of IT security solutions that enable management and control of vulnerability threats. The Secunia Vulnerability Review 2013 analyses the evolution of software vulnerabilities from a global, industry, enterprise, and endpoint perspective.
Morton Stengaard, Director, Product Management & Quality Assurance, Secunia, 14 March 2013: The Secunia Vulnerability Review 2013, published today, documents that patching is as important as ever, and that non-Microsoft (third-party) programs pose one of the largest threats to IT infrastructures and private PCs alike.
Patching from a cloud interface? Secunia have just released their XSI into the world as ‘Secunia SmallBusiness’ – it’s free for up to 5 machines but is designed to provide cover for up to 50 machines.
Secunia introduces a new enterprise class security solution to help Small Business with Patch Management
Secunia Press Release – 25 February 2013: Secunia, the leading provider of IT security solutions that enable businesses and private individuals to manage and control vulnerability threats, today announced the availability of Secunia SmallBusiness (public beta). Secunia SmallBusiness is an intelligent, cloud-based patch management solution for up to 50 PCs. It protects small businesses against the threat posed by known software vulnerabilities – a growing threat which traditional antivirus technology does not provide adequate protection from.
When demoing Secunia CSI, I have seen quite a few hidden gem’s which can prove useful or handy when looking at patching and focusing on business critical applications.
Overcoming VMWare vCenter Protect (Shavlik) patch deployment issues with Windows Update service using Custom Actions
We recently had a case where a customers IS team who use VMware vCenter Protect to patch Microsoft servers with both Microsoft and 3rd-party patches had issues with Microsoft Update offering other admins updates to install during business hours.
One of the many nice features in Secunia CSI (Corporate Software Inspector) is the capability of detecting End of Life products, these products are no longer marketed or sold and the Vendors may alsobe limiting or ending support for them.
The leading Patch Management company in the UK, Satisnet have now partnered with Vulnerability Assessment and Patch Management company Secunia. See our blog post announcing this). Secunia CSI uses a company’s existing software deployment/update tools, namely WSUS/SCCM to extend patch management to 3rd party non-Microsoft applications while not changing the current processes or resources utilised.
Secunia Press Release – 15 January 2013: Secunia, the leading provider of IT security solutions that enable businesses and private individuals to manage and control vulnerability threats, today announced that the company is partnering with IT security reseller Satisnet.
Many organisations have recognised the need for patching for some time and have implemented a process for taking care of this. WSUS is free, which is a compelling argument for management but WSUS has a failing as a comprehensive patch management tool in that it only covers Microsoft operating systems and applications, which will surprise no-one as it’s a Microsoft tool.
PSI is a free patch scanning tool which can communicate to a Corporate Software Inspector (CSI) console. I have been looking into the free ‘Secunia PSI’ patching tool and how it interacts with the ‘Secunia CSI*’ product. Secunia Personal Software Inspector (PSI) is a free home patching product with a simple friendly user interface.
Tenable Blog – 16 October 2012: Nessus and SecurityCenter now support Tivoli Endpoint Manager (TEM) as a patch management platform in which patch-level information can be extracted for given scan targets.