Does SVM have the ability to take a feed of data about what is installed on client computers from Splunk? We're looking to get more up to date/realtime data fed into Secunia without adding another agent to the desktop fleet.
‎Jul 17, 2019 12:05 AM
No, SVM 2019 does not perform assessment based on a simple inventory. Such often does not provide the granularity necessary to determine the specific build of an installed application which is necessary to confirm if the installed version is vulnerable or not. To accomplish this we leverage file signatures (both a quick and accurate method).
The good news is that you do not need to install the agent to perform a scan. Many customers choose to simply run the SVM scan as a scheduled task using SCCM, BigFix, Workspace ONE, etc. A simple command line can do the trick and avoids the need for an installation of the agent. Alternatively, SVM can leverage an SCCM inventory if it is configured to collect details about EXE, DLL and OCX files (which are necessary to support a File Signature based scan).
‎Jul 17, 2019 07:20 AM
No, SVM 2019 does not perform assessment based on a simple inventory. Such often does not provide the granularity necessary to determine the specific build of an installed application which is necessary to confirm if the installed version is vulnerable or not. To accomplish this we leverage file signatures (both a quick and accurate method).
The good news is that you do not need to install the agent to perform a scan. Many customers choose to simply run the SVM scan as a scheduled task using SCCM, BigFix, Workspace ONE, etc. A simple command line can do the trick and avoids the need for an installation of the agent. Alternatively, SVM can leverage an SCCM inventory if it is configured to collect details about EXE, DLL and OCX files (which are necessary to support a File Signature based scan).
‎Jul 17, 2019 07:20 AM
Hello Chris,
We currently support scanning of machines either via SVM agents, remote scans, and SCCM inventory import. However, we don't support importing data via Splunk for vulnerability assessment.
Software vulnerability research can import a list of product that can be added as watch lists.
Let us know if there are further questions.
Regards,
Waqas
‎Jul 17, 2019 07:34 AM