A new Flexera Community experience is coming on November 25th. Click here for more information.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bkelly
By
Flexera Alumni

The team at Flexera continues to deliver on the promise of providing a better way to mitigate security risk for organizations that simply can't afford to keep throwing people at the challenge of addressing software vulnerabilities.   

Proper software vulnerability management means effectively identifying and prioritizing the work of patch management, leveraging insights based on threat and vulnerability intelligence. With over 20,000 new vulnerabilities every year, businesses simply can't patch all applications and so must spend their time and effort only on those that represent a significant risk to their IT infrastructure. This can be achieved with Software Vulnerability Manager thanks to four key attributes necessary for success.  

  • Reliable Research 
  • Effective Assessment 
  • Intelligent Prioritization 
  • Rapid Remediation 

Improving the power of SVM, we’ve had significant new advances in the areas of both prioritization and remediation. But let’s quickly address each to better appreciate the context of these recent enhancements … 

Reliable Research. Acquired by Flexera in 2015, Secunia is well known for quality security research. The Secunia Research team has written over 3,300 insightful security advisories so far this year and it is this valuable research on which SVM is built. Advisories are product-version focused and may contain multiple CVE references. This makes understanding and ranking the importance of updates much easier by focusing on the product version's collective vulnerabilities, versus on specific individual vulnerabilities. Vulnerabilities are validated, documented and rescored based on very specific criteria, providing a normalized view as compared to the wild inconsistencies you’ll observe in a raw resource like the National Vulnerability Database (NVD).  

Effective Assessment. File signatures are leveraged to quickly and accurately identify vulnerable versions of software. In many cases, a simple inventory does not provide the granularity necessary to accurately identify the existence of a vulnerable software version. SVM detects over 50k vulnerable software versions. 

Intelligent PrioritizationSVM shows you how many vulnerable software instances exist and where they are. Not all assets represent the same risk so you may wish to focus on one group of devices over another. Naturally, with the research attached, you can prioritize based on criticality rating or CVSS score, leveraging our vulnerability intelligence. Further, you can now consider which vulnerabilities have exploits in the wild, leveraging our threat intelligenceMost organizations have more to patch than they have resources to do so, with more popping up regularly. Ensuring you are focusing on those that represent the most risk to your organization is crucial.  

Rapid RemediationWith the new SVM Vendor Patch Module, you can now leverage over a thousand out-of-the- box patches (as well as get help with an additional thousand others)Over 50% of time spent on patching is typically focused on researching and testing how to create a patch. Get that time back with integrated access to the largest set of patch information available on the market 

SVM keeps getting better. The recent addition of threat intelligence, and now a gigantic set of out-of- the-box patches is just the beginning. SVM has also just recently released a documented API for SVM 2019, so that you can integrate with other systems and automate custom reporting. Stay tuned for more great enhancements to the best way to protect your organization from the dangers of unpatched software