Aug 15, 2019
08:38 AM
1 Kudo
Agreed! We have plans to provide just that. I cannot offer a release date here but can assure you it is a well known need that we intend to deliver.
... View more
Aug 13, 2019
11:45 AM
AdminStudio 2019 R2, released on August 13th 2019 features:
Package Feed Module
Package Feed Module PowerShell Cmdlets
Support for Windows 10 - 1903
The Package Feed Module
The Package Feed Module integrates details about thousands of vendor setups into AdminStudio to save you hours of research and testing. You can now subscribe to up to date, tested, installation details for nearly 3,000 vendor setups. With the Package Feed Module, AdminStudio now provides:
Awareness. Always up to date, you’ll have valuable details on the very latest version of thousands of vendor installers
Integrated downloads. Download the latest setups directly into AdminStudio with a click (available for over half of listed products; limited by vendor policy)
Validated silent command line options. Application version-specific silent installation commands, tested and ready for use (available for most entries; limited by vendor support)
Detection rules. The primary file path and file name as well as version details to confirm the currently installed version for use as applicability rules in SCCM or to create a WSUS patch.
For more detail, see this blog post which provides more specifics as well as a quick demo video.
New PowerShell Cmdlets in support of Package Feed Module
Take full advantage of the Package Feed Module in AdminStudio Enterprise with new PowerShell Cmdlets. Watch the community soon for a blog post where we will show how you can fully automate the package creation process and keep up with the latest new versions with these Package Feed Module PowerShell Cmdlets:
Invoke-ASPackageFeedSync - Synchronizes the package feed data, so the entries in the Package Feed Module is always up to date
Invoke-ASPackageFeedSearch - Searches for an application in the Package Feed Module based on Product Name and Version supplied
Get-ASPackageFeedDetails - Fetches the details of an application like Silent command line switches, file name, etc.
Invoke-ASPackageFeedDownload - Downloads the setup file to the configured download path
Additionally, some existing PowerShell cmdlets were extended to support Package Feed Module
Set-ASOptionProperty - Configures the download path for the setup file to be downloaded from the Package Feed Module
Get-ASOptionProperty - Fetches the download path where the setup file is downloaded from the Package Feed Module
Invoke-ASImportPackage - Imports the downloaded application to the application catalog
Windows 10 Build 1903 Support for Application Compatibility
We’ve also added the latest build of Windows 10 (1903) to AdminStudio’s continuous compatibility support so you can verify application compatibility against this, and the previous 5 builds, of Windows 10.
... View more
Aug 13, 2019
09:37 AM
4 Kudos
If you are like most desktop admins, you don’t repackage near as much as you once did. There was a time when it was a challenge to run a vendor silent installation silently, let alone inject any sort of customizations. With the popularity of MSI, that quickly changed—while at the same time software vendors generally came to understand and support the demand for automated deployment options. MSI or not, today, about 85% of applications can be deployed without a need to repackage the vendor setup. And that is a good thing! After all, reverse engineering an installer in order to create your own was something done out of necessity and such a path comes with some supportability risk when dealing with the vendor when things went wrong.
This is exactly why for the last two years, AdminStudio has been heavily investing in helping to make leveraging native vendor setups easier, while lowering the risk of deployment. This week, I’m very pleased to announce our most significant move in that direction to date: the Package Feed Module. Available for AdminStudio’s Professional and Enterprise editions, you can now subscribe to up to date, tested, silent installation details for nearly 3,000 vendor setups. And that’s just the start. With the Package Feed Module, AdminStudio now provides:
Awareness. Always up to date, you’ll have valuable details on the very latest version of thousands of vendor installers
Integrated downloads. Download the latest setups directly into AdminStudio with a click (available for over half of listed products; limited by vendor policy)
Validated silent command line options. Application version-specific silent installation commands, tested and ready for use (available for most entries; limited by vendor support)
Detection rules. The primary file path and file name as well as version details to confirm the currently installed version for use as applicability rules in SCCM or to create a WSUS patch.
With such a huge number of installers being tracked and tested, there can be as many as a hundred updates in a single day due to the addition of new versions and updates. This includes over 100 Mac packages.
In just a couple of clicks you can add a vendor package to AdminStudio. With another click, you can wrap it in a PowerShell or EXE script wrapper, with another you can publish it to your deployment system of choice. Never has it been so easy to create new deployment packages!
Saving you considerable time researching and experimenting, creating an initial deployment package goes from what may have been hours or days, to just a few minutes. But wait, there’s more! With AdminStudio Enterprise’s PowerShell support you can automate the entire process. Watch this blog soon for example scripts that will allow you to take a simple list of software titles and automatically create packages for them all. Imagine taking an inventory report and feeding it to a script to have AdminStudio automatically, download, wrap, and publish a deployment package for them all!
View the list of supported applications and to learn more, visit https://www.flexera.com/adminstudio-pfm
... View more
Aug 13, 2019
07:29 AM
1 Kudo
A silent installation from the vendor is not supported. We are adding Truecrypt 7.1a to the Package Feed Module launching later today (August 13th) but the help provided on this particular application will be limited to download, uninstall and detection details because the vendor does not support a silent installation. Even when repackaged with AdminStudio, the deployment community is reporting this one is a particular challenge. See this thread on my old ITNinja site.
... View more
Aug 12, 2019
09:27 AM
I'm not sure about desktop shortcut and restore point options and how such might be supported by the vendor installer (typically such would be the job of a wrapper script using something like PSADT, which is integrated as a feature of AdminStudio).
It does appear to offer a portable mode that requires no installation so a custom installation script looks like the right approach at a glance. Will look into it further and come back with findings here.
... View more
Aug 09, 2019
08:52 AM
2 Kudos
In order to enable High-Availability (HA) for an on-prem installation of SVM 2019 you would need to do this locally with your on-prem virtualization hosting solution. This would normally be accomplished using the VSphere HA utility provided by VMWare.
... View more
Aug 08, 2019
03:00 PM
It depends upon just what you mean by High Availability. We do offer a cloud version where we host SVM 2019 in AWS (as opposed to on-prem). If you mean you would like to use your own virtual infrastructure to have High Availability on-prem, I'm sure it could be done but it would be up to your implementation versus anything we'd be able to provide. Please let me know if that does not sufficiently answer your question.
... View more
Aug 06, 2019
09:33 AM
3 Kudos
Repackager is exclusive to AdminStudio and is not provided as part of InstallShield. I will see about having this made more explicitly clear, but InstallShield does not currently document what is not included. Still, a comparison of what comes with AdminStudio versus InstallShield is a good idea.
As you suspected, licensing does not permit you to use the copy of the Stand Alone Repackager purchased for your previous organization at your current organization. Copies from other customers, or trials may not be used to create production packages for your organization-- such is indeed a breach of the license agreement.
... View more
Aug 02, 2019
07:08 AM
1 Kudo
Yes, you can install in a VM. There are no license restrictions here. However, I would suggest installing AdminStudio on your physical machine and running Repackager on your VM from a mapped drive or network share. This way you minimize contamination of your reference system and avoid the complications of maintaining the AdminStudio application catalog database in an environment constantly being reset.
... View more
Aug 02, 2019
07:02 AM
2 Kudos
SVM provides EOL status and not dates at this time. There is an Advisory Published date you can sort on if you are trying to determine age. As we work to unify the back end data between our various products our goal is to not only reduce the need for different agents but to unlock the ability to leverage data between offerings (in this case to expose EOL dates from Data Platform which were outside the scope of our original security data for SVM).
... View more
Jul 31, 2019
08:34 AM
4 Kudos
The team at Flexera continues to deliver on the promise of providing a better way to mitigate security risk for organizations that simply can't afford to keep throwing people at the challenge of addressing software vulnerabilities.
Proper software vulnerability management means effectively identifying and prioritiz ing the work of patch management, leveraging insights based on t hreat and v ulnerability intelligence . With over 20,000 new vulnerabilities every year, businesses simply can't patch all applications and so must spend their time and effort only on those that represent a significant risk to their IT infrastructure . This can be achieved with Software Vulnerability Manager thanks to four key attributes necessary for success.
Reliable Research
Effective Assessment
Intelligent Prioritization
Rapid Remediation
Improving the power of SVM, we’ve had significant new advances in the areas of both prioritization and remediation . But let’s quickly address each to better appreciate the context of these recent enhancements …
Reliable Research . Acquired by Flexera in 2015, Secunia is well known for quality security research. The Secunia Research team has written over 3,300 insightful security advisories so far this year and it is this valuable research on which SVM is built. Advisories are product-version focused and may contain multiple CVE references. This makes understanding and ranking the importance of updates much e asier by focusing on the product version's collective vulnerabilities, versus on specific individual vulnerabilities. Vulnerabilities are validated, documented and rescored based on very specific criteria, providing a normalized view as compared to the wild inconsistencies you’ll observe in a raw resource like the National Vulnerability Database (NVD).
Effective Assessment . File signatures are leveraged to quickly and accurately identify vulnerable versions of software. In many cases, a simple inventory does not provide the granularity necessary to accurately identify the existence of a vulnerable software version . SVM detects over 50k vulnerable software versions.
Intelligent Prioritization . SVM shows you how many vulnerable software instances exist and where they are. Not all assets represent the same risk so you may wish to focus on one group of devices over another. Naturally, with the research attached , you can prioritize based on criticality rating or CVSS score, leveraging our vulnerability intelligence. Further, you can now consider which vulnerabilities have exploits in the wild, leveraging our threat intelligence. Most organizations have more to patch than they have resources to do so, with more popping up regularly. Ensuring you are focusing on those that represent the most risk to your organization is crucial.
Rapid Remediation . With the new SVM Vendor Patch Module, you can now leverage over a thousand out-of-the- box patches (as well as get help with an additional thousand others) . Over 50% of time spent on patching is typically focused on researching and testing how to create a patch . Get that time back with integrated access to the largest set of patch information available on the market.
SVM keeps getting better. The recent addition of threat intelligence , and now a gigantic set of out-of- the-box patches is just the beginning. SVM has also just recently released a documented API for SVM 2019, so that you can integrate with other systems and automate custom reporting. Stay tuned for more great enhancements to the best way to protect your organization from the dangers of unpatched software .
... View more
- Tags:
- SVM
Labels
Jul 29, 2019
09:01 AM
1 Kudo
To clarify, SVR supports SSO. SVM 2019 (either hosted or on-prem) does not support SSO today, but it is indeed planned and something we are working to deliver. Thanks!
... View more
Jul 24, 2019
10:24 AM
1 Kudo
Today marks the release of SVM 2019 R3 (for cloud, the on-prem edition will be updated next week) which has some new capabilities I think you’ll really appreciate! It includes the new Vendor Patch Module, documented APIs, as well as agent and smart group enhancements.
The Vendor Patch Module is a new optional feature of SVM 2019 that provides over a thousand out-of-the-box patches as well as details to help you easily create over a thousand others.
API Support is now documented allowing you to integrate SVM 2019 with other systems and processes as well as to pull data for the creation of custom reports.
A signed version of the SVM agent is now available. The standard agent downloads are still available which inject a token to match the agent to your account. This is simple to use but breaks our ability to sign the agent. For those that wish to use a signed version of the agent, a separate download is now provided for which you can specify your account token via an INI file or registry entry (see documentation for details).
CVSS scores have been added as available criteria when creating new Product or Advisory based smart groups. This way, you can focus on specific ranges of products and advisories based on criticality. You’ll also notice the SVM login screen looks different—this was introduced for some consistency between products.
For more details on SVM 2019 R3, please see the release notes. For more details on the Vendor Patch Module, see this blog post.
... View more
Labels
Jul 24, 2019
10:16 AM
7 Kudos
As you see what this is and what’s gone into it, I think you’ll quickly appreciate that this is the result of a very large effort by a lot of people. It took a very long time to bring it to you—I am appropriately excited to finally unveil it to you!
SVM takes software patch management far beyond that of a simple patch catalog. It provides integrated vulnerability research by our Secunia Research team, assesses where vulnerable software is found and provides you with easy-to-leverage insights for prioritizing remediation efforts. It also provides patches so you can more quickly remediate popular applications by publishing updates via WSUS or SCCM. Our patches are wrapped in scripts that provide consistency and customization options. They can also handle edge cases where the vendor update may not behave as expected. To offer such patches, many criteria needed to be met, including the need for the set up to be freely distributable, silently installable and to behave as reliably as expected. Additionally, SVM is all about addressing software vulnerabilities, so we only created patches when a known security vulnerability would be addressed.
Organizations spend way too much time creating deployment packages to update software, and see a patch catalog as a way to offset some percentage of that effort. SVM offers far more patch management capabilities than any patch catalog ever could. However, choosing SVM for all its insights and capabilities should not mean compromising on accessing a large number of time-saving patches.
Today, with the release of the Vendor Patch Module, SVM can now provide over a thousand patches out of the box, as well as details on more than a thousand others to help you create even more patches faster.
With awareness of so many vulnerabilities (thanks to Software Vulnerability Manager) and so many patches at your disposal (thanks to the Vendor Patch Module) you are likely to quickly appreciate the need for intelligent prioritization. Some environment-specific testing is still required, and so you must resist just publishing huge numbers of patches, and prioritize appropriately to patch responsibly. SVM helps you to prioritize by prevalence (how many affected devices are out there), by criticality (the seriousness of a vulnerability), by affected assets (it is common to prioritize some groups of devices over others), and finally, by our new threat score. A threat score is a 0-99 value illustrating the likelihood the vulnerability is being exploited.
Threat Intelligence introduces a new level of insight in prioritization. Most exploited vulnerabilities see a CVSS score between 4 and 7 which would make them outside a typical prioritization that focused on criticality alone. In fact, if you look at the top 20 biggest software vendors, they only represent about 20% of last year's exploited vulnerabilities. SVM with the Threat Intelligence Module and the new Vendor Patch Module work great together by helping you to better prioritize the many patches now at your disposal.
And to that end, there is a promotion on now for the first 100 customers who purchase the Vendor Patch Module: We will provide a free year of the Threat Intelligence Module. Contact your customer support manager or sales representative today to take advantage or contact us here .
Resources
Webinar Registration
Datasheet
List of Patches Included
Documentation
... View more
Labels
Jul 22, 2019
09:39 AM
3 Kudos
It shows this way because the agent is not signed. When you download the agent from your account, a token is injected on the fly to identify your account which prevents our ability to offer a signed agent today. In our upcoming release, we will provide the option to used a signed agent and look to an INI file or registry entry for the token instead of injecting it in this way. This enhancement is planned for release later this month (July 2019).
... View more
About
Founder of ITNinja (formerly AppDeploy), author, Microsoft MVP and regular speaker on topics related to application and desktop management and security. Check out a portfolio of my work at https://www.bkelly.com
Director, Product Management
Charlotte, NC
Latest posts by bkelly
Subject | Views | Posted |
---|---|---|
32 | Jan 26, 2023 08:52 AM | |
187 | Jan 11, 2023 08:32 AM | |
199 | Jan 11, 2023 08:10 AM | |
213 | Jan 11, 2023 07:56 AM | |
261 | Dec 15, 2022 03:05 PM | |
321 | Dec 14, 2022 03:01 PM | |
353 | Oct 25, 2022 01:30 PM | |
595 | Sep 28, 2022 10:06 AM | |
624 | Sep 27, 2022 11:59 AM | |
415 | Sep 21, 2022 07:44 AM |
Activity Feed
- Posted Re: SVM: Software not recognized - can it be added for recognition? on Software Vulnerability Management Forum. Jan 26, 2023 08:52 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 08:32 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 08:10 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 08:10 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 07:57 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 07:56 AM
- Kudoed Re: SVM supported operating systems and versions for james_ellis. Jan 11, 2023 07:56 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 07:56 AM
- Kudoed Monthly Vulnerability Insights: December 2022 for raslam. Jan 05, 2023 08:37 AM
- Posted AdminStudio 2022 R2 SP1 on AdminStudio and Workflow Manager Release Blog. Dec 15, 2022 03:05 PM
- Got a Kudo for AdminStudio 2022 R2 SP1. Dec 15, 2022 03:05 PM
- Got a Kudo for AdminStudio 2022 R2 SP1. Dec 15, 2022 03:05 PM
- Posted SVM December 2022 Update on Software Vulnerability Management Release Blog. Dec 14, 2022 03:01 PM
- Got a Kudo for What Should Our Next Packaging Experts Roundtable Topic Be?. Oct 27, 2022 03:25 AM
- Posted What Should Our Next Packaging Experts Roundtable Topic Be? on AdminStudio Forum. Oct 25, 2022 01:30 PM
- Got a Kudo for Automating the Application Readiness Process with PowerShell. Oct 25, 2022 07:09 AM
- Got a Kudo for Automate Package Creation for New Software Releases. Oct 25, 2022 06:44 AM
- Posted Re: Package Feed request: Oracle SQL Developer on AdminStudio Forum. Sep 28, 2022 10:06 AM
- Posted Re: Package Feed request: Oracle SQL Developer on AdminStudio Forum. Sep 27, 2022 11:59 AM
- Got a Kudo for Software Suggestion Guidelines. Sep 27, 2022 10:22 AM