A new Flexera Community experience is coming on November 25th. Click here for more information.
[IMPORTANT UPDATE: 9 December 2020] Great news - Our Flexera customer and partner community now have a direct opportunity to share ideas and participate in future feature planning. Learn more and add your ideas via the Ideas Portal moving forward. Please note if you have added an idea to this discussion, we will migrate the idea to the new portal and notify you once it's been done. Thank you to everyone for active participation!
---------------------------------------------
You may notice that we don’t currently have a replacement for the Ideas functionality here in the new community. This is temporary-- we are planning to launch ideation as a feature of this new community later this summer. In the meantime, please this discussion forum to continue to provide product feedback on Software Vulnerability Manager (SVM) and Software Vulnerability Research (SVR). Please don’t worry about reposting ideas you may have previously submitted; when the ideation capability is reintroduced here it will include any feedback you may have previously provided.
Apr 04, 2019 08:40 AM - last edited on Dec 09, 2020 02:42 PM by KPBussey
I recently had a customer that suggested the following enhancements, most around blacklisting:
Apr 18, 2019 08:28 AM - last edited on Feb 13, 2020 09:04 AM by KPBussey
Thanks Bill. I appreciate you passing these on, particularly the blacklist related items. As for the others, is there something beyond what we currently offer that the customer was looking for beyond our current functionality?
Apr 18, 2019 12:30 PM
As for the Database Cleanup, they want to be able to schedule say a 30 day cleanup to run weekly without having to go in and manually click Execute Now (remove the manual process).
As for the scan randomization, the upper limit is 60 minutes, but even with 60 minutes, some of their scans will error out when trying to upload scan results with a HTTP 500 error (during heavy scan volume). They're using the in-memory CLI scan method via SCCM using -si 60. They scan over the weekend within certain windows (they do not want to scan on weekdays). I had suggested they could break the scan groups up further, but they're already broken up into 3 collections to eliminate some of the errors with results not reporting back to the cloud. The simple fix in their opinion would be to have the option to randomize over 2 hours (or 3 hours...have a higher upper limit).
Apr 18, 2019 01:01 PM - last edited on Feb 13, 2020 09:05 AM by KPBussey
Thank you for the additional details!
Apr 18, 2019 02:37 PM
Are they on the current version of the app? The more recent "delta" scan logic might also help with this if they are on an older version. Could see if switching off agent polling helps as well. This was introduced in the R5 release.
Not 100% sure but they most likely need the R5+ agent as well.
Apr 19, 2019 11:51 AM - edited Apr 19, 2019 11:55 AM
Apr 23, 2019 09:11 AM
Do you plan to support the monitoring of network devices, such as firewalls, routers, etc?
Sep 05, 2019 02:17 AM
Hi @sebastien_dorc,
The "Software Vulnerability Research" product by Flexera provides scan-less tracking of each one of the 61K+ software products supported in our Vulnerability Tracking Database. Large chunk of the products in the supported list is made of firmware and software for security devices such as Firewalls, Proxies, Cisco Routers, all-in-one security appliances, and all sorts of high-end business applications from all major vendors.
Check this page:
https://www.flexera.com/products/operations/software-vulnerability-research.html
If you are interested to know more, feel free to drop me a community message (hover over my name for options) and I will connect you to one of our representatives that can provide a demo or more details about it.
Cheers,
Sep 05, 2019 05:58 AM
As @RDanailov says, we do provide research on such devices (SVR), we do not have any current plans to assess where these are applicable and require updates the way we do for software on Windows, Mac and RHEL.
Sep 05, 2019 08:20 AM
Hi @bkelly,
In the SVR product, the ticketing system is not user-specific.
We show the total number of tickets for all users; regardless of their Roles/Groups. Thus, sub-accounts with restricted view to specific queues would anyway see the total number of tickets under root.
A customer of ours pointed this out and requested us to change this accordingly.
Ideally, when the user is restricted to a particular view, he should see the ticket count that he has rights to see.
They have multiple teams who work with different ticket queues. An engineer from one team cannot see the tickets of the other teams by default. When engineers go to the ticket manager, the number of tickets on the top is very confusing. The ticket number is for all tickets even though the user cannot really see those.
Tagging: @fh_open_ch
Apr 29, 2019 11:00 AM - last edited on Feb 13, 2020 09:04 AM by KPBussey
May 02, 2019 11:51 AM
We migrated to SVM Next last fall and there are some features I really miss from the "on-prem" version.
Conversely, would you mind sharing what things about SVM Next encouraged you to move away from SVM 2019 (which is also available in the cloud)?
1. On the Patching Tab, it used to show how many machines/installs were affected by each patch. Now, I have to go back to the Assessment tab or the Dashboard to see that information again.
Some differences in how SVM Next maps patches to assessment make this non-trivial but I understand the request and will consider what might be done to address it.
2. The ability to *see* what paths that the patch would target. How do we know what the cloud version patches are hitting? Do I have to manually add all the paths that come up in Assessment to make sure they are being addressed?
We automatically include all matching paths, and add default paths too, but as you point out there is no good way to see this in SVM Next. The Daemon logs have the information, but it is not exposed in the user interface. It can also be found on the WSUS server, but is not easy to see. There are some timing issues in that all paths are not known when a template is created as they are dynamically assigned upon deployment. All this to say it is not as trivial a request as it may seem but will be considered.
3. DB cleanup was much easier for a large number of hosts. In the cloud, having to manually click and delete thousands of machines at a time (my company does ~3K PC refreshes a month) is a non-starter. (Support has provided me with a script that make it a lot easier, but I can't imagine I am the only one with this issue).
Multi-select would still be onerous, I think a script is the way to go when it comes to large bulk operations. The script is documented and supported. We automatically clean up hosts that have not reported in 90 days, which is the most common ask, beyond this we'll lean on our documented API to handle such operations.
Thanks again for taking the time to provide this valued input.
May 03, 2019 03:54 PM - last edited on Feb 13, 2020 09:03 AM by KPBussey
Conversely, would you mind sharing what things about SVM Next encouraged you to move away from SVM 2019 (which is also available in the cloud)?
The choice was made by my predecessor, but I believe it had something to do with API capabilities.
We automatically clean up hosts that have not reported in 90 days, which is the most common ask, beyond this we'll lean on our documented API to handle such operations.
Really? I was not seeing that. Regardless, between PC refresh, and hot swaps for repairs, we are doing about 3000-4500 change outs a month.
May 22, 2019 04:50 PM
@segilbert70
SVM Support Team has several API scripts that can be used to clean up stale hosts from account database in specific cases such as yours is. As the 90 days default cleanup period may come too long to wait for purging stale entries, do feel free to open a support case with us and we will gladly share our API scripts with you, to help you automate cleanup procedures in a more frequent manner. Would this be of any help to you?
May 23, 2019 04:22 AM
Report enhancement ideas:
-> emailed report should include report name in the email subject
-> attached report zip file should also include report name
-> SVM should be able to send report to an email without providing login credentials
May 13, 2019 12:44 AM - last edited on Feb 13, 2020 09:05 AM by KPBussey
May 13, 2019 08:54 AM
For SVM, the ability to import hosts (or other items) from a list to Smart Groups -- Recently I created a group of 70 hosts. It was a very manual process of 1) searching for a hostname 2) clicking the check box to add to group 3) repeat 69 times.
I would like to create Smart Groups with more hosts, but don't want to do it manually. Importing from a list would make it much easier. The ability to leverage Active Directory security groups or SCCM collections to create smart groups would be awesome too.
May 21, 2019 02:59 PM - last edited on Feb 13, 2020 09:05 AM by KPBussey
Idea: Ability to view custom actions by type.
I'd like to submit an idea to enhance the Custom Actions and Sequences view. I have dozens of custom actions, and while they are listed in alphabetical order, it is still hard to find some of them, especially if you don't know or remember what they are named. A solution to this problem would be to add a custom action filter to view custom actions by type. Since I always know what type of custom action I am looking for, this would be the easiest way to locate it. If I'm looking for a Set Property custom action I should be able to filter only Set Property CA's and they would then display in alphabetical order.
Jun 10, 2019 10:05 AM - last edited on Feb 13, 2020 09:06 AM by KPBussey
Jun 21, 2019 01:22 PM
Hi @bkelly
We've got a user suggestion at the Forums which I wanted to transfer here for visibility purposes.
See https://community.flexera.com/t5/Software-Vulnerability/Software-Vulnerabilty-Manager-SVM-login-user-field-contains/m-p/106133#M51
I've provided a workaround to the user, but it would be great to have this improved by default. This enhancement relates to allowing users to use best-security practices with SIEM solutions and avoid copied passwords and usernames into the Clipboard/RAM.
Jun 28, 2019 03:45 AM - last edited on Feb 13, 2020 09:08 AM by KPBussey