Posted by: Ed Tittel
Desktops, Enterprise desktop, Secunia, Secunia Network Inspector (NSI), vulnerability scanner, Windows Update, Windows Vista
I’ve been working in some depth around Windows security topics since 1997, when I began teaching Windows hardening classes at Interop with my colleague and co-author James Michael Stewart. In 2003, I started researching malware topics and tools, a quest that eventually led to my 2005 book “Fighting Spyware, Viruses, and Malware” for PC Magazine Press. Along that path, I became familiar with Swedish infosec firm Secunia, whose many threat and vulnerability warnings, proof of concept exploits, and timely malware information always proved accurate and reliable.
Yesterday, Secunia released a final version (184.108.40.206) of its Personal Security Inspector, a free, single-shot vulnerability scanner that examines Windows PCs running Windows 2000, Windows XP, Windows Server 2003, and Windows Vista to make sure that Windows Updates are current and correct, and that checks installed applications to make sure they are also patched and up-to-date. The tool flags unpatched code, and end-of-life programs that are no longer being updated, to help individuals update or replace potential sources of vulnerability on their desktops.
For enterprise use, Secunia also makes a Network Software Inspector (NSI, currently at version 2.0) available to companies and organizations that want to perform similar scans on the PCs on their networks. At 20 Euros per machine per year (about $25.68 at today’s exchange rates), it’s not too different from what the Microsoft Baseline Security Analyzer (MBSA) can do for Windows and MS apps. But when you add its substantial (over 7,000 programs) database of applications with security status, and its built-in, easy-to-use, and intelligible remediation advice, NSI comes out way ahead at a very reasonable per-user cost (contact Secunia sales for purchases of over 50 seats, where discounts begin to kick in).
If you’re interested in trying out this outstanding tool, you can download a 30-day evaluation copy at no charge. It’s definitely worth digging into further for those companies or organizations seeking to deploy a good vulnerability scanner, or those interested in replacing their current scanner with something better and more capable.
On a personal note, let me wish all my readers and their families a happy holiday, with plenty of quality leisure time and good eats. I’m off shortly to pick up a brined Kosher turkey, and expect wonderful results when it emerges from the oven tomorrow afternoon.