Secunia CSI 7.0 released
Posted on 05 September 2013.
Secunia released Secunia Corporate Software Inspector 7.0, which introduces new features and improvements for vulnerability and patch management.

The foundation of the Secunia CSI is a combination of vulnerability intelligence and vulnerability scanning, with patch creation and patch deployment integration. The Secunia CSI integrates with Microsoft WSUS and System Center 2012 and third-party configuration management tools for easy deployment of third-party updates, making patching a simple and straight-forward process for all IT departments.

It comes with these new and improved features:

Smart Groups 2.0: Create Smart Groups designed to prioritize remediation efforts by filtering and segmenting data based on hosts, products or impact, and to receive alerts when a threat is detected.

User Management: Create user accounts with different roles and permissions.

Patch Configuration: Get configurable patches out-of-the-box that can be easily customized to support your environment, for example to avoid desktop shortcuts or to disable auto-update for a program.

Web Console (SaaS): Log in to the Secunia CSI from an internet browser for instant access to your data and reports - anywhere, at any time.

Password Policy Configuration: Determine and enforce the global password policy for your organization to comply with internal and external policies, as well as to meet best-practice standards in your industry.

Live updates: Get an immediate overview of how a new vulnerability affects your infrastructure as soon as the advisory has been released by Secunia Research, based on your latest scan results.

PSI for Android: Scan Android devices for vulnerabilities with the Secunia PSI for Android, and integrate it with the Secunia CSI to support your BYOD policy.

Secunia SC2012 Plugin 2.0: For CSI integration with Microsoft System Center 2012. This add-on makes it possible to deploy all third-party updates directly in Microsoft System Center 2012.

Zero-Day Vulnerability Support: This add-on includes SMS or email alerts whenever a new zero-day vulnerability is discovered that affects the particular IT infrastructure. It is designed for organizations that have a sufficiently sophisticated security apparatus to enable them to act on the zero-day threat intelligence.


Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Jul 29th