Dec 02, 2021
07:58 AM
6 Kudos
Not AdminStudio content, but of interest to those that work in AdminStudio, I offer the below video shared as my general session from the 2021 App Manage Event where I discuss the following topics...
The importance of packaging today
MSIX: Why and why not
Windows 11 packaging
The SaaS take over
Patch catalogs
Vulnerability management
Endpoint management
Repackaging
Wrapping
.Scripting
... View more
Dec 01, 2021
07:40 AM
1 Kudo
Check our summary of vulnerability data from November 2021! You'll see a decrease in the number of vulnerabilities reported as compared to last month. However, there's been an increase in the number of threats associated with these vulnerabilities. The total advisories published was 500 (down from 526 last month). There was also a slight increase in Extremely Critical Vulnerabilities at 3 (up from 2 last month).
... View more
Nov 30, 2021
09:49 AM
We are happy to announce that a new version of the Software Vulnerability Manager is now available. By design, this does not include any of the ActiveX-dependant capabilities so we encourage you to see our FAQ for details.
Some minor fixes were also included, to see the full release notes, visit https://docs.flexera.com/csi/2021November/rn/Content/helplibrary/SVMCloudRN.htm
... View more
Nov 30, 2021
09:05 AM
6 Kudos
How do I access the new UI?
What browsers are supported by the new UI?
What are some new features of the new UI?
What limitations are associated with the new UI?
Can I still use the old UI?
Why would I want to use the old UI?
What if I am using Single Sign On for SVM?
Should I change my agent and patch daemon connections?
Where can I share my feedback regarding the new UI?
What Should I Expect from Future Versions of the Patch Daemon (SVM Patch Publisher)?
How do I access the new UI?
Using your existing credentials, navigate to https://svm.flexera.com
What browsers are supported by the new UI?
All modern browsers are supported. However, if using Internet Explorer, please keep in mind that the ActiveX plug-in is not supported here. For dependent features like patching, it is necessary to either use the old UI with the ActiveX plug-in, or to use the new SVM Patch Publisher tool (separate from the web-based admin console).
What are some new features of the new UI?
Apart from looking better, when you select a menu item it will open a new tab making it easy to jump between views.
What limitations are associated with the new UI?
Patching and Software Suggestions are not planned as capabilities of the new admin console and will be handled via the SVM Patch Publisher going forward.
Specifically, the following features are not supported by the new web console. This is due to a reliance on ActiveX which we are moving away from by enhancing the SVM Patch Publisher to take on such needs. Patching will be addressed first, other features will follow, some capabilities (like Quick Scan) may be deprecated.
Patching – the creation of templates, patches, and the publishing of patches
Software Suggestions – the ability to suggest new software for assessment
Quick scan – the ability to initiate the scan of an endpoint from the browser
SCCM import – the ability to perform an assessment based on SCCM inventory data
Can I still use the old UI?
Yes, the UI you know, and love remains available and supported at https://csi7.secunia.com/csi/
We will be continuing to support this version of the user interface, at least until the functionality of the new SVM Patch Publisher reaches a stage where it can handle the features currently dependent on this version of the User Interface and its ActiveX plug-in.
Why would I want to use the old UI?
If you wish to leverage the existing functionality which depends upon our ActiveX plug-in, like patching, you may want to stick with the older user interface. The capabilities of the SVM Patch Publisher as an alternative to the older user interface will evolve over the months to come. Please continue to check in and monitor this progress as we work to reach a point where the use of the older UI is no longer necessary but displaced by a superior user experience with the SVM Patch Publisher.
What if I am using Single Sign-On for SVM?
SSO can only be configured for one of the two user interfaces, the new UI or the old one. Therefore, if you leverage SVM for patching and the SVM Patch Publisher does not meet your needs in its current form, you may wish to continue with the older user interface a bit longer. We will be making regular updates to the SVM Patch Publisher in an effort to reduce (and eventually eliminate) the need for the older UI in the months ahead.
Should I change my agent and patch daemon connections?
No. The agent and Patch Daemon (and SVM Patch Publisher) will continue to communicate using the older URL, so no change is necessary. If and when we do require changes to the Patch Daemon, SVM Patch Publisher, or agent communication, we will be sure to provide plenty of notice. Please watch product release notes and subscribe to our Release Blog to help ensure you don’t miss any such announcements.
Where can I share my feedback regarding the new UI?
We encourage conversations in our community forum or specific enhancement requests via our Ideas portal.
What Should I Expect from Future Versions of the Patch Daemon (SVM Patch Publisher)?
We intend to continually improve and enhance the SVM Patch Publisher to provide a superior user experience as compared to the ActiveX plug-in of our older web-based admin console. As a priority, we will initially focus on handling all patching use cases in the SVM Patch Publisher. Other ActiveX-dependent features like Software Suggestions will also be addressed in future updates to eventually remove any need for our older UI with ActiveX. When the SVM Patch Publisher has evolved to such a state, we will communicate an end-of-life plan for the older user interface.
Our next release of the SVM Patch Publisher is planned for early December and will introduce the ability to assign patches to groups when publishing to Workspace ONE.
The ability to create and edit patches (and also to view Smart Group results) is currently planned for release in Q1 2022.
... View more
Nov 29, 2021
10:36 AM
1 Kudo
Thank you for highlighting this, we are working to correct it now and you should see it corrected as early as tomorrow.
... View more
Nov 22, 2021
10:22 AM
With this update, new date filters have been added to the below APIs.
API DATE FILTERS
API
DATE FILTER
DESCRIPTION
/api/vendors/
created_gte
Unix timestamp for the vendor create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the vendor create date, filter type less than (seconds)
/api/products/
created_gte
Unix timestamp for the product create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the product create date, filter type less than (seconds)
/api/asset-lists/
created_gte
Unix timestamp for the watch list create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the watch list create date, filter type less than (seconds)
/api/asset-lists-subscriptions/
created_gte
Unix timestamp for the asset list subscription create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the asset list subscription create date, filter type less than (seconds)
/api/asset-list-groups/
created_gte
Unix timestamp for the asset list group create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the asset list group create date, filter type less than (seconds)
/api/fnms-products/
created_gte
Unix timestamp for the fnms product create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the fnms product create date, filter type less than (seconds)
/api/product-fullversion/
created_gte
Unix timestamp for the product version create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the product version create date, filter type less than (seconds)
/api/historic-advisories/
release_gte
Unix timestamp for the advisory release date, filter type greater than or equal (seconds)
release_lt
Unix timestamp for the advisory release date, filter type less than (seconds)
/api/patch/patchable-products/
created_gte
Unix timestamp for the patchable product create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the patchable product create date, filter type less than (seconds)
/api/patch/package
created_gte
Unix timestamp for the package create date, filter type greater than or equal (seconds)
created_lt
Unix timestamp for the package create date, filter type less than (seconds)
Release Notes
... View more
Nov 16, 2021
12:16 PM
Thanks for your question. We consider a very broad range of vulnerability intelligence as sources for our advisories, including this. However, we do not currently have plans to expose this as distinct metadata. If this specific source is of special value to you and you would like to see it surfaced as a detail on which you might base a smart group, please suggest such as an enhancement request in our Ideas portal at https://flexerasfdc.ideas.aha.io/ideas?project=SVM so we can better track this request and consider the interest of other customers as part of our prioritization process.
... View more
Nov 05, 2021
03:47 PM
1 Kudo
Thanks for pointing this out. It appears the page had been mistakenly reverted to an earlier version somehow but has now been updated to reflect proper dates.
I'm happy to report that we are doing quite the opposite of moving away from SVM, in fact, you'll soon see a brand new user interface and increasing functionality added to the SVM Patch Publisher to avoid the need for IE/ActiveX to perform patching operations.
... View more
Nov 04, 2021
04:57 PM
5 Kudos
Since its announcement in 2018, AdminStudio has been introducing more and more MSIX capabilities alongside new and innovative features that together make for an indispensable solution.
We introduced a suitability reporting capability just weeks after its initial announcement in 2018
Repackager supports the creation and signing of MSIX packages from other package formats
Our Automated Application Converter (AAC) was updated to support the conversion of MSI/EXE packages to MSIX in bulk by spinning up virtual machines for automated packaging
First ConfigManager, then Intune, AdminStudio supports the publishing of MSIX packages for deployment
InstallShield provided support for creating MSIX packages from MSI projects, then added a dedicated project type for MSIX, and has introduced several iterative updates to achieve great support for MSIX
We also developed a dedicated MSIX editor aimed specifically at IT Pros—no project file necessary, you can directly edit MSIX files and save them directly, as a package or as a modification package. It can sign, trace, inject PSF fixups, and much more
You can easily create App Attach image files in support of Azure Virtual Desktop in either VHD of VHDX file formats
At the same time, new innovative features have been introduced that make all of the above even better. The Package Feed Module provides validated silent installation details to help automate AAC. And you can now subscribe to applications so that as soon as a new version of a product is released by a vendor, it can be downloaded, imported, tested, converted to MSIX format, and published to endpoint management systems like ConfigMan, Intune, Workspace ONE and more.
In the short video below, I walk through the state of MSIX and the many features outlined above to support such in AdminStudio.
... View more
- Tags:
- MSIX
Nov 01, 2021
12:05 PM
3 Kudos
Welcome to our October vulnerability insights report. This comprehensive, monthly review is based upon data from the Secunia Research Team at Flexera who produces valuable advisories leveraged by our Software Vulnerability Research and Software Vulnerability Manager solutions.
With so much data, there are endless ways to look at it. One way we are speculating might be of value is a report which shows a calculated weight by multiplying values for Attack Vector, Criticality, Threat Score, and CVSS Score. The calculation may be debatable, but looking at the top of the list, it could help surface some notable listings...
Let us know what you think, or if you have any other suggestions on how to best review this valuable security data!
... View more
Sep 29, 2021
01:51 PM
It is not publicly available yet but is scheduled to be in just a couple of weeks (in October), however, if you'd like to meet sooner, I'd be happy to show it off and get your feedback.
... View more
Sep 29, 2021
08:26 AM
Some big things are happening with Software Vulnerability Manager. We are both working to improve the admin console with an updated user interface while also working to eliminate the need for ActiveX to perform certain actions. A big effort, we are intending to iterate with continual improvements and enhancements with an eye on making the transition as smooth as possible. Here’s what to expect:
New User Interface
A new user interface is coming along nicely and is currently scheduled to be generally available in October. We’d love to show it to you and get feedback sooner, so please reach out to schedule a session if you are interested!
The new user interface is designed to work on all modern browsers and does away with the need for Internet Explorer and its ActiveX support. However, to do so means removing certain features from the admin console and supporting them instead in our SVM Patch Publisher tool.
Introducing SVM Patch Publisher
The Patch Daemon is taking on enough new responsibilities that we’ve decided to rebrand it as the SVM Patch Publisher. With an eye on backward compatibility, the transition should be pretty seamless but there are some early improvements to highlight and more planned in the months ahead.
The first thing you’ll notice is a completely revamped user interface. With the SVM Patch Publisher, you can specify connections to multiple distribution platforms and instances. For example, you could add a connection to both WSUS and Intune whereas previously such would have required two running instances of the Patch Daemon. When creating a connection, you can provide your own name and that name will appear in the web admin console as an option when publishing a patch.
Later this year we are planning to provide the ability to create and edit patches within the SVM Patch Publisher. Until then this and other ActiveX dependent functionality will continue to require the older admin console running Internet Explorer as has long been required.
We will continue to focus on improving the SVM Patch Publisher by adding additional functionality with the goal of eliminating the need for ActiveX so we can fully retire the older admin console user interface entirely. Note: Microsoft support for ActiveX remains via the Edge browser’s IE Mode feature.
On-Prem Customers
We will be supporting the new user interface and SVM Patch Publisher for not just cloud customers but for our on-premises customers as well. As usual, we will release updates for on-prem following our cloud release. For now, on-prem customers must continue using the existing Patch Daemon but plan to update on-prem to support it in December. During this transition period, we’ll be offering two SVM Toolkit downloads for on-prem and cloud to reduce any confusion over which should be used.
Flexera Software Vulnerability Manager Cloud Toolkit – this installer provides offline utilities such as the Multi-partition Reporting Tool, WSUS Management Tool, and Client Data Tool which are provided as helpful tools to add value to your SVM investment.
Flexera Software Vulnerability Manager On-prem Toolkit – this installer provides everything above as well as the Patch Daemon.
Software Vulnerability Manager Patch Publisher – for cloud customers only, we are providing the SVM Patch Publisher as a stand-alone installer.
Note: Once on-prem supports the SVM Patch Publisher, we’ll drop the “On Prem” download for the SVM Toolkit and will again offer a single download for the Toolkit (and another for SVM Publisher).
Other updates include Windows environment variable support for scan paths and a new setting to control Java assessment. For details, please see Release Notes
... View more
Sep 23, 2021
03:59 PM
1 Kudo
Remote Desktop Connection Manager v2.83.1411.0 coverage has been added to the Vendor Patch Module.
... View more
Sep 22, 2021
10:28 AM
1 Kudo
I've interpreted this as a request as an addition to our VPM coverage and will confirm when a final assessment on its inclusion is complete.
... View more
Sep 13, 2021
10:57 AM
10 Kudos
AdminStudio has evolved beyond that of a repackaging suite helping to increase the speed and quality of preparing security and feature updates for deployment. Like no other solution on the market, it addresses the critical need of providing packages not just for Windows migrations but for the ongoing need to update and deploy applications on an almost constant basis. The video below highlights the significant demand for packages and AdminStudio's comprehensive ability to completely cover such needs.
To better focus on AdminStudio as a complete and comprehensive packaging solution, we no longer provide a few of the tools from the suite on their own, as we did previously with AdminStudio Standard Edition. We have priced AdminStudio Professional as a more competitively priced subscription to help ensure all can enjoy these impactful benefits. Don't hesitate to get in touch with your sales representative with any questions.
... View more
About
Founder of ITNinja (formerly AppDeploy), author, Microsoft MVP and regular speaker on topics related to application and desktop management and security. Check out a portfolio of my work at https://www.bkelly.com
Director, Product Management
Charlotte, NC
Latest posts by bkelly
Subject | Views | Posted |
---|---|---|
87 | Feb 06, 2023 10:44 AM | |
108 | Feb 01, 2023 03:32 PM | |
101 | Jan 26, 2023 08:52 AM | |
264 | Jan 11, 2023 08:32 AM | |
276 | Jan 11, 2023 08:10 AM | |
290 | Jan 11, 2023 07:56 AM | |
315 | Dec 15, 2022 03:05 PM | |
341 | Dec 14, 2022 03:01 PM | |
380 | Oct 25, 2022 01:30 PM | |
637 | Sep 28, 2022 10:06 AM |
Activity Feed
- Got a Kudo for The Critical and Evolving Demands of Software Vulnerability Management. Feb 07, 2023 09:27 AM
- Got a Kudo for The Critical and Evolving Demands of Software Vulnerability Management. Feb 06, 2023 07:09 PM
- Got a Kudo for The Critical and Evolving Demands of Software Vulnerability Management. Feb 06, 2023 11:54 AM
- Got a Kudo for The Critical and Evolving Demands of Software Vulnerability Management. Feb 06, 2023 10:46 AM
- Posted The Critical and Evolving Demands of Software Vulnerability Management on Software Vulnerability Management Blog. Feb 06, 2023 10:44 AM
- Posted SVR January 2023 Update on Software Vulnerability Management Release Blog. Feb 01, 2023 03:32 PM
- Posted Re: SVM: Software not recognized - can it be added for recognition? on Software Vulnerability Management Forum. Jan 26, 2023 08:52 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 08:32 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 08:10 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 08:10 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 07:57 AM
- Posted Re: SVM supported operating systems and versions on Software Vulnerability Management Forum. Jan 11, 2023 07:56 AM
- Kudoed Re: SVM supported operating systems and versions for james_ellis. Jan 11, 2023 07:56 AM
- Got a Kudo for Re: SVM supported operating systems and versions. Jan 11, 2023 07:56 AM
- Kudoed Monthly Vulnerability Insights: December 2022 for raslam. Jan 05, 2023 08:37 AM
- Posted AdminStudio 2022 R2 SP1 on AdminStudio and Workflow Manager Release Blog. Dec 15, 2022 03:05 PM
- Got a Kudo for AdminStudio 2022 R2 SP1. Dec 15, 2022 03:05 PM
- Got a Kudo for AdminStudio 2022 R2 SP1. Dec 15, 2022 03:05 PM
- Posted SVM December 2022 Update on Software Vulnerability Management Release Blog. Dec 14, 2022 03:01 PM
- Got a Kudo for What Should Our Next Packaging Experts Roundtable Topic Be?. Oct 27, 2022 03:25 AM