Flexera - Corporate Software Inspector
Multi-Platform Patch Management Solution
Patch management with Corporate Software Inspector
Corporate Software Inspector gives you the when, where, what and how of security patching. It tells you when a software vulnerability with an available patch is threatening your infrastructure, where it will have the most critical impact, what the right remediation strategy is and how to deploy it. Secunia Research continuously verifies vulnerabilities and the effectiveness of the patches published by the vendors. This intelligence is then matched to your infrastructure, making it possible to prioritize, plan and execute workflows, and document your risk reduction efforts.
Intelligent, multi-platform security patch management
- Gives you complete visibility over your systems
- Enables you to fix vulnerabilities before they are actively exploited
- Lets your team know what to patch and how - for maximum impact and consistent risk reduction
- Covers 20,000+ programs on Windows, macOS and Red Hat Enterprise Linux (RHEL)
What is Corporate Software Inspector?
Corporate Software Inspector includes an authenticated internal software inventory scanner. It can assess the security patch status of more than 20,000 programs running on Windows, Apple macOS and Red Hat Enterprise Linux (RHEL) platforms.
It delivers patching, configuration tools and hundreds of pre-configured patches for non-Microsoft applications running on Windows platforms.
The seamless integration with Microsoft System Center and Windows Server Update Services for security patch management means you maximize your investment and manage patching of non-Microsoft products easily from within Microsoft System Center, using your existing infrastructure.
Will Corporate Software Inspector be a good fit for my organization?
Corporate Software Inspector is used across multiple segments, including Fortune 1000 companies, small to medium-sized businesses, consultants and managed service providers.
Our scalable, secure, end-to-end solution works equally well, whatever the environment.
Microsoft System Center Configuration Manager Integration
Corporate Software Inspector integrates seamlessly with Microsoft System Center Configuration Manager (SCCM). From Microsoft System Center 2012 you can manage all your security updates - including the non-Microsoft ones – and patch directly from one console.
Extensive Program Coverage
Corporate Software Inspector covers programs and plug-ins from thousands of vendors – more thirdparty programs than anyone else – including practically every program that runs on Microsoft operating systems.
Easily filter and segment your data to prioritize what is important for you based on products, devices or Secunia Advisories. Create and schedule on-demand reports based on these Smart Group filters. Receive email notifications and SMS alerts to be immediately notified when an event occurs that is relevant to you.
Corporate Software Inspector authenticated scanning process tracks the progress of scans so you get up to date results of unparalleled accuracy.
Corporate Software Inspector Package System (SPS)
- Corporate Software Inspector’s Package System offers enhanced integration with Microsoft Windows Server
- Update Services, which increases your scope and flexibility for patching and configuring hosts.
Scans Apple Mac OSX and RHEL
Corporate Software Inspector scans programs on Windows, Apple Mac OSX and Red Hat Enterprise Linux (RHEL) to empower users to extensively cover their devices and get an even more comprehensive overview of programs and vulnerabilities in their environment.
Get an immediate overview of how a new vulnerability affects your infrastructure based on your latest scan results as soon as the advisory has been released by Secunia Research – no more waiting for the next scanning to take place.
Create user accounts with different roles and permissions, thereby allowing these users to only access the data (for example based on an IP range or your Active Directory) and modules (for example Scanning, Reporting and Patching) that are relevant for them.
- Verified, accurate and timely intelligence from Secunia Research enables you to prioritize remediation activities.
Comprehensive Software Scanning
- Multi-platform scanning for accurate inventory of all software in your infrastructure and correlation with our vulnerability database for effective risk prioritization.
- You get complete visibility of your systems, stay current and reduce the cost of your patch process significantly.
Reduced Patching Costs
- Includes hundreds of preconfigured patches for easy deployment and covers 20,000+ programs – more non- Microsoft programs than anyone else.
- Covers Windows, Apple Mac OSX and Red Hat Enterprise Linux (RHEL) platforms.
- Corporate Software Inspector can be integrated with your preferred patch deployment solution.
- Integrates seamlessly with Microsoft System Center and Microsoft Windows Server Update Services
How It Works:
How corporate software inspector supports the software vulnerability management lifecycle
Software vulnerability management is critical to the security of organizations’ infrastructure and assets. Corporate Software Inspector combines software vulnerability assessment and security patching to assess, mitigate and verify the patch management status in your organization.
- Vulnerability information is verified and described by Secunia Research
- Vulnerability Intelligence for applications running on desktops and servers is sent to our customers
- Non-intrusive, authenticated scan for complete software inventory
- Vulnerability Intelligence is correlated with your software inventory for assessment of patch status of over 20,000 applications
- Vulnerability Intelligence and correlation allow to risk assessment, decision making and distribution of tasks
- Delivers configuration tools for grouping and prioritizing assets according to various criteria
- Delivers tested, pre-packaged, customizable patch content for hundreds of applications
- Delivers a packaging system for easy configuration of patches Integrates with your patch deployment solution for easy deployment
- Performs scans and delivers reports to track and document mitigation, and reassess the patch status of all applications in your environment
Corporate Software Inspector (CSI) 7.0 System Requirements
CSI 7.0 is a web based solution. It is fully functional from the latest version of Internet Explorer. Scan results can also be viewed from other browsers.
CSI 7.0 is a Vulnerability and Patch Management Software Solution that completes and targets the Patch Management process. It combines Vulnerability Intelligence, Vulnerability Scanning, and Patch Creation with Patch Deployment Tool Integration to enable targeted, reliable, and cost-efficient Patch Management.
To use CSI 7.0 console your system should meet the following requirements:
- Min resolution: 1024x768
- The latest version of Internet Explorer (Scan results can also be viewed from other browsers) Internet connection capable of connecting to https://csi7.secunia.com
- First-Party cookie settings at least to Prompt (in Internet Explorer) Allow session cookies
- A PDF reader (for example, Adobe Reader) – optional
CSI 7.0 with Scanning and Patching Capabilities
To successfully scan and create updates the following should also be present when using CSI:
- Internet Explorer 8 or later with the CSI Plugin WSUS installer (Administration console only) Visual C runtime
- Microsoft .NET Framework runtime 4 or later
- If the WSUS Self-Signed Certificate is going to be used, and the user wishes to provision the certificate through the Patching > WSUS/SCCM > Deployment function, Remote Registry service must be enabled on the clients
- Select the target hosts where the certificate is to be installed (CTRL+ mouse click for multiple selection), right-click and select Verify and Install Certificate
The Dashboard provides an overview of your hosts with the help of various „portlets“. Portlets are a collection of components that graphically display key data and allow you to create profiles which can display a unique combination of portlets.
Download and Install CSI Plugin
The first time you login to CSI, click the link on the bottom of the page and follow the on-screen instructions to download and install the CSI Plugin to enable scanning and patching. Please note that the plugin is compatible with, and should be run using, the latest version of Internet Explorer.
The CSI Plugin is installed locally and must be installed on the machine you are running CSI console from. Once the CSI Plugin has been installed the download link is removed from the page.
Download and Install the Secunia Daemon
The Secunia Daemon is a stand-alone executable that executes the scanning and import schedules configured in CSI console. It runs as a background service with no user interaction. You can download the Secunia Daemon here.
The Secunia Daemon integrates a number of local data sources in your network with the Secunia Cloud. It should be deployed to a node in the network that has high availability (for example, the server running the SCCM or SQL server). Once deployed, the Daemon will regularly scan the data sources, based on the configuration created in CSI, for:
- Active Directory scanning
- SCCM import (SQL + WSUS)
- Scheduled exports
- WSUS state change
Agent-based Scan Requirements (Windows)
The flexibility offered by CSI ensures that it can be easily adapted to your environment.
If you choose to scan using the installable Agent (Agent-based scans), the following requirements should be present in the target hosts:
- Administrative privileges (to install the CSI Agent – csia.exe) Microsoft Windows XP, 2003, 2008, Vista, 7 or 8
- Internet Connection – SSL 443/TCP to https://*.secunia.com/ Windows Update Agent 2.0 or later
Agent-based Scan Requirements (Mac OS X)
The following requirements should be met before installing the Single Host Agent on an Intel-based Mac OS X machine:
- Supported Systems: 10.5 Leopard/10.6 Snow Leopard/10.6 Snow Leopard Server/10.7 Lion/10.8 Mountain Lion Administrator privileges at minimum (‘root’ privileges required for the installation)
- Internet Connection – SSL 443/TCP to https://*.secunia.com
- The user installing the agent must have ‚execute‘ permissions on the file (chmod +x)
Remote/Agent-less Scan Requirements (Windows)
If you prefer to scan without installing the CSI Agent (Agent-less scans), the following requirements should be present in the target hosts:
- Ports 139/TCP and 445/TCP open inbound (on hosts)
- File sharing enabled on hosts
- Easy/simple file sharing disabled
- Windows Update Agent 2.0 or later
Scanning Red Hat Enterprise Linux (RHEL)
The scan agent for RHEL uses the inventory which is already present (RPM) and displays this in CSI after being processed by Secunia Detection/Version Rules. To download CSI Agent for Red Hat Linux, go to Scanning > Scanning via Local Agents > Download Local Agents.
Download the Flexera Patch Management Datasheet (PDF).
- Pricing and product availability subject to change without notice.