Secunia and F-Secure detect obsolete programs on corporate networks
Security specialist Secunia has updated its Vulnerability Intelligence Manager (VIM) to version 4.0, adding a number of new features to the tool. VIM is designed to give administrators early warning about new security holes in their corporate infrastructure. To use it, administrators register the applications that are being used in their corporate network with the web service. If a vulnerability in one of the products becomes known, VIM will send an SMS text message or email to the registered administrator. Alternatively, the data can also be accessed via an RSS feed.
The company says that VIM now supports more than 40,000 programs; the data originates from Secunia's well-maintained vulnerability database. Version 4.0 of Secunia's VIM adds features such as an interface to the Corporate Software Inspector (CSI) patch manager. This enables users to create notification profiles that are based on the installed application information that CSI collects from clients.
From November, F-Secure also plans to ensure that corporate customers promptly install security updates for their applications. The F-Secure Protection Service is being extended to include a software updater module that tracks down obsolete programs and can, if required, even install the appropriate updates – similar to Secunia's CSI.
Talking to The H's associates at heise Security, F-Secure said that the technology it uses has been licensed from another company. However, F-Secure declined to reveal whether the licenser is Secunia or a different company.
Update 02/11/12: Secunia has told heise Security that there is no cooperation between it and F-Secure.