Jul 28, 2022
01:59 AM
Great news specially with the tracking option as this was a gap always to know what we did and the status of it 😀
... View more
May 24, 2022
09:38 AM
Does this also work on the new page with IE11 mode or it have to stay on the legacy one?
https://csi7.secunia.com - old
https://svm.flexera.com
cheers
Lukas
... View more
Jan 13, 2022
06:57 AM
@Howardmp We only deploy all Redhat this Friday the new agent. The 7.6.0.18 was able to find already log4j1.2. We will only see if more comes in after 7.6.0.19 went out. Mac, we not really use and only limited scope. Lukas
... View more
Jan 12, 2022
02:18 PM
1 Kudo
@ChrisG , @cdubs76 , I think our all issue is that log4j 1.x is EOL since 2015. That does not help either to argue always 1.x is secure @logging.apache.org/log4j/1.2/
... View more
Jan 11, 2022
01:31 PM
@Howardmp Evening, advisory and products in cloud instance will update on 7.6.0.19 agents scanning finding an log4j install and 1.x as EOL and 2.17.x or lower as secure or insecure. cheers lukas
... View more
Jan 05, 2022
01:05 PM
@Howardmp Hi, you need 7.6.0.19 client for it to enable the log4j scans. The cloud update is done but agent need update to turn it on. Lukas
... View more
Dec 16, 2021
02:42 AM
1 Kudo
SVM can't scan on *.jar files. This way log4j on Windows won't be found. Only RedHat. We had a support ticket on SVM to clarify situation. This way in SVM you would only find it if e. g. IBM issue a CVE to fix their product which contain log4j to a newer version of their platform. If they publish only to change xy config file that won't appear in SVM at all. This way no chance ot use this. We end up to write a script and search for log4j* via SCCM on all our end points and servers and monitor software vendors articles. The tricky part is also the above is an option but if the dll is embedded in their code you won't be able to find it with our above method either.
... View more
Dec 13, 2021
06:42 AM
1 Kudo
Dear team, we try to cover us for above with SVM. We know RedHat is covered in SVM but nothign on Windows OS. We tried to download their sources but there is only *.jar and non of them have a signed certificate etc. What are our options to find insecure apps/services on servers or endpoints on MS OS using SVM? Lukas
... View more
Dec 13, 2021
02:52 AM
Can we get a statement what SVM supports or does not support in products and detection rules please?
... View more
Sep 29, 2021
09:25 AM
1 Kudo
@bkelly great news on the UI. We would like to see it upfront if possible.
... View more
Mar 12, 2021
04:37 AM
@bkelly , do I miss anything? Status page have nothing about SVM scheduled. https://status.flexera.com/ and the SVR was only published yesterday. SVM is nothing yet in relation to this enhancement.
... View more
Mar 11, 2021
04:09 PM
@bkelly , I see SVR was updated. https://community.flexera.com/t5/Software-Vulnerability/SVR-March-2021-Update/ba-p/183720 SVM coming as well 5pm 🙂 so we wait
... View more
Mar 11, 2021
02:24 AM
Do we have any time when this will be activated on tenant/cloud level? UK time, US time etc?
... View more
Jun 04, 2020
10:50 AM
HI, not sure when the beta enhancement page will be available to all again. This way going back to the old way of communicate. We have the problem that we installed the Daemon to perform scheduled reports. That is a great option. But we want to export the data e. g. weekly or monthly and keep the previous version. The export option does not support any wildcards in the file name e. g. DD-MM-YYYY or anything which would have a fixed value and a dynamic value. This way we can run the same export scheduled without override on our export source. We end up now to have a scheduled task to move data away which is annoying. Regards Lukas
... View more
May 19, 2020
02:43 AM
4 Kudos
Great to see that you listen to customer voice 🙂 Thanks for approving the enhancement.
... View more
Latest posts by Shoggi
Subject | Views | Posted |
---|---|---|
184 | Jul 28, 2022 01:59 AM | |
484 | May 24, 2022 09:38 AM | |
1140 | Jan 13, 2022 06:57 AM | |
8526 | Jan 12, 2022 02:18 PM | |
1176 | Jan 11, 2022 01:31 PM | |
1220 | Jan 05, 2022 01:05 PM | |
792 | Dec 16, 2021 02:42 AM | |
712 | Dec 13, 2021 06:42 AM | |
41394 | Dec 13, 2021 02:52 AM | |
952 | Sep 29, 2021 09:25 AM |
Activity Feed
- Posted Re: SVM July 2022 Update on Software Vulnerability Management Release Blog. Jul 28, 2022 01:59 AM
- Posted Re: Flexera SVM and Microsoft Internet Explorer EoSL on Software Vulnerability Management Blog. May 24, 2022 09:38 AM
- Posted Re: SVM December Update for Log4j Detection on Software Vulnerability Management Release Blog. Jan 13, 2022 06:57 AM
- Posted Re: Flexera’s response to Apache Log4j vulnerabilities CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228 on Community Notices. Jan 12, 2022 02:18 PM
- Got a Kudo for Re: Flexera’s response to Apache Log4j vulnerabilities CVE-2021-4104, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44228. Jan 12, 2022 02:18 PM
- Posted Re: SVM December Update for Log4j Detection on Software Vulnerability Management Release Blog. Jan 11, 2022 01:31 PM
- Posted Re: SVM December Update for Log4j Detection on Software Vulnerability Management Release Blog. Jan 05, 2022 01:05 PM
- Posted Re: Identifying Apache Log4j JNDI Vulnerability “Log4Shell” (CVE-2021-44228, CVE-2021-4104) on Software Vulnerability Management Blog. Dec 16, 2021 02:42 AM
- Got a Kudo for Re: Identifying Apache Log4j JNDI Vulnerability “Log4Shell” (CVE-2021-44228, CVE-2021-4104). Dec 16, 2021 02:42 AM
- Kudoed Re: Security Advisory: Log4j Java Vulnerability (CVE-2021-44228) for raslam. Dec 13, 2021 07:49 AM
- Got a Kudo for Security Advisory: Log4j Java Vulnerability (CVE-2021-44228). Dec 13, 2021 07:24 AM
- Posted Security Advisory: Log4j Java Vulnerability (CVE-2021-44228) on Software Vulnerability Management Forum. Dec 13, 2021 06:42 AM
- Kudoed Re: Security Advisory: Log4j Java Vulnerability (CVE-2021-44228) for ChrisG. Dec 13, 2021 06:38 AM
- Posted Re: Security Advisory: Log4j Java Vulnerability (CVE-2021-44228) on Community Notices. Dec 13, 2021 02:52 AM
- Kudoed MSIX? AdminStudio Has You Covered for bkelly. Nov 04, 2021 05:47 PM
- Got a Kudo for Re: SVM September Update. Sep 29, 2021 12:21 PM
- Posted Re: SVM September Update on Software Vulnerability Management Release Blog. Sep 29, 2021 09:25 AM
- Kudoed EOL Status of Microsoft Products for bkelly. Jun 17, 2021 04:10 PM
- Posted Re: New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 12, 2021 04:37 AM
- Posted Re: New and Improved Threat Scores in SVM and SVR on Software Vulnerability Management Blog. Mar 11, 2021 04:09 PM