Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Secunia Updates Vulnerability Intelligence Manager

Secunia, a Copenhagen, Denmark-based provider of vulnerability management solutions, has updated its vulnerability management platform to proactively alert organizations of software vulnerabilities so they can hopefully be addressed before infrastructure is compromised.

Secunia

Secunia, a Copenhagen, Denmark-based provider of vulnerability management solutions, has updated its vulnerability management platform to proactively alert organizations of software vulnerabilities so they can hopefully be addressed before infrastructure is compromised.

Secunia

The latest version of Vulnerability Intelligence Manager (VIM) will help organizations handle vulnerabilities and protect business-critical data and sensitive systems against potential attacks, Secunia said Tuesday. Secunia improved the user interface, asset matching capabilities, and the data export in VIM 4.0, the company said.

VIM 4.0 also now integrates with Secunia Corporate Software Inspector (CSI), the patch management software that scans and deploys matches from Microsoft and other third-party programs. Secunia released CSI v6.0 this past August, adding Red Hat Enterprise Linux support in addition to existing Windows and Mac OS X support.

While IT teams are getting better about staying on top of official patches from Microsoft, it is not enough, the company says, noting that just 22 percent of vulnerabilities are in Microsoft programs and the operating system, while the remaining 78 percent are in third-party programs.

“It is critical to have the correct vulnerability intelligence to spot the vulnerabilities” in third-party programs, Morten R. Stengaard, director of product management and quality assurance at Secunia, said in a statement.

Attackers are increasingly taking advantage of security flaws in software to get a foothold in to network. Any program downloaded to an employee laptop or personal device that can connect to the corporate network is “a threat to the organization’s security,” Secunia said. As a result, organizations have to proactively be aware of what vulnerabilities are still not patched in all installed applications.

With Secunia VIM, organizations have access to vulnerability intelligence, a comprehensive vulnerability management tool, and threat intelligence covering more than 40,000 systems and applications. Threat Intelligence gives organizations comprehensive real-time data about software vulnerabilities customized to their needs, and gives external auditors the information they need to ensure the organization is meeting compliance requirements, Secunia said.

“This is particularly important to corporations and organizations in the US, who have to meet exacting standards to keep their IT infrastructure secure, and who risk heavy fines if they do not meet the compliancy requirements that apply to their particular industry,” said Stengaard.

Advertisement. Scroll to continue reading.

The Secunia VM automates compliance management with guidelines, and gives organizations the ability to formalize and automate tasks relating to assessment, remediation, workflow approvals, exception management, and consolidated reporting, Secunia said. VIM 4.0 eases the task of defining and managing policies, mapping policies to controls, and collecting evidence the company is compliant.

Staying on top of the vulnerabilities allows organizations to address all security threats before criminals manage to compromise the network. VIM 4.0 gives teams relevant data so that teams don’t spend their time “frantically trying to figure out” which issues to address in what order, Stengaard explained.

“The acclaimed quality of the intelligence delivered by Secunia’s Research Team is the backbone of the solution, and that intelligence becomes pure power in the hands of the security teams in the organizations,” Stengaard said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.