Last week I blogged about Danish information security firm Secunia’s outstanding Network Software Inspector. In that capsule summary I neglected to mention that Secunia sends out e-mail updates to all registered users any time the rules base gets updated.
This turns out to have significant value, of course, because some updates are more important than others–Microsoft Security Updates are probably the best example, especially those pushed to Windows Update outside the usual Patch Tuesday cycle. In this case, my reminder came in the form of an observation that Sun had released a new set of Java and Java Runtime Executable (JRE) updates, which addressed some reasonably serious (Category 4) vulnerabilities from the previously-current version.
This was all the information I need to go out and grab the updates for the various Vista and XP machines that I work on every day. In an enterprise setting, the same email can trigger the download-test-push cycle that’s more typical for updates in such environments. Either way, timely access to this kind of information is absolutely invaluable, and lets us all respond more quickly as and when known vulnerabilities are patched or fixed.
The Secunia vulnerability scanning toolset is a good one, and this real-time e-mail update service only makes it better. I hope you’ll check it out, and try it out, in your own environments.