Jul 24, 2019
10:24 AM
1 Kudo
Today marks the release of SVM 2019 R3 (for cloud, the on-prem edition will be updated next week) which has some new capabilities I think you’ll really appreciate! It includes the new Vendor Patch Module, documented APIs, as well as agent and smart group enhancements.
The Vendor Patch Module is a new optional feature of SVM 2019 that provides over a thousand out-of-the-box patches as well as details to help you easily create over a thousand others.
API Support is now documented allowing you to integrate SVM 2019 with other systems and processes as well as to pull data for the creation of custom reports.
A signed version of the SVM agent is now available. The standard agent downloads are still available which inject a token to match the agent to your account. This is simple to use but breaks our ability to sign the agent. For those that wish to use a signed version of the agent, a separate download is now provided for which you can specify your account token via an INI file or registry entry (see documentation for details).
CVSS scores have been added as available criteria when creating new Product or Advisory based smart groups. This way, you can focus on specific ranges of products and advisories based on criticality. You’ll also notice the SVM login screen looks different—this was introduced for some consistency between products.
For more details on SVM 2019 R3, please see the release notes. For more details on the Vendor Patch Module, see this blog post.
... View more
Jul 24, 2019
10:16 AM
7 Kudos
As you see what this is and what’s gone into it, I think you’ll quickly appreciate that this is the result of a very large effort by a lot of people. It took a very long time to bring it to you—I am appropriately excited to finally unveil it to you!
SVM takes software patch management far beyond that of a simple patch catalog. It provides integrated vulnerability research by our Secunia Research team, assesses where vulnerable software is found and provides you with easy-to-leverage insights for prioritizing remediation efforts. It also provides patches so you can more quickly remediate popular applications by publishing updates via WSUS or SCCM. Our patches are wrapped in scripts that provide consistency and customization options. They can also handle edge cases where the vendor update may not behave as expected. To offer such patches, many criteria needed to be met, including the need for the set up to be freely distributable, silently installable and to behave as reliably as expected. Additionally, SVM is all about addressing software vulnerabilities, so we only created patches when a known security vulnerability would be addressed.
Organizations spend way too much time creating deployment packages to update software, and see a patch catalog as a way to offset some percentage of that effort. SVM offers far more patch management capabilities than any patch catalog ever could. However, choosing SVM for all its insights and capabilities should not mean compromising on accessing a large number of time-saving patches.
Today, with the release of the Vendor Patch Module, SVM can now provide over a thousand patches out of the box, as well as details on more than a thousand others to help you create even more patches faster.
With awareness of so many vulnerabilities (thanks to Software Vulnerability Manager) and so many patches at your disposal (thanks to the Vendor Patch Module) you are likely to quickly appreciate the need for intelligent prioritization. Some environment-specific testing is still required, and so you must resist just publishing huge numbers of patches, and prioritize appropriately to patch responsibly. SVM helps you to prioritize by prevalence (how many affected devices are out there), by criticality (the seriousness of a vulnerability), by affected assets (it is common to prioritize some groups of devices over others), and finally, by our new threat score. A threat score is a 0-99 value illustrating the likelihood the vulnerability is being exploited.
Threat Intelligence introduces a new level of insight in prioritization. Most exploited vulnerabilities see a CVSS score between 4 and 7 which would make them outside a typical prioritization that focused on criticality alone. In fact, if you look at the top 20 biggest software vendors, they only represent about 20% of last year's exploited vulnerabilities. SVM with the Threat Intelligence Module and the new Vendor Patch Module work great together by helping you to better prioritize the many patches now at your disposal.
And to that end, there is a promotion on now for the first 100 customers who purchase the Vendor Patch Module: We will provide a free year of the Threat Intelligence Module. Contact your customer support manager or sales representative today to take advantage or contact us here .
Resources
Webinar Registration
Datasheet
List of Patches Included
Documentation
... View more
Labels
Jul 22, 2019
09:39 AM
3 Kudos
It shows this way because the agent is not signed. When you download the agent from your account, a token is injected on the fly to identify your account which prevents our ability to offer a signed agent today. In our upcoming release, we will provide the option to used a signed agent and look to an INI file or registry entry for the token instead of injecting it in this way. This enhancement is planned for release later this month (July 2019).
... View more
Jul 17, 2019
01:34 PM
I'll come back and update this response if I hear otherwise, but I have initial confirmation that nothing has been done since 7.6.1.2 that is expected to have impacted compatibility and so there are no concerns regarding support for Server 2019.
... View more
Jul 17, 2019
07:56 AM
Please open a support ticket to have your activation reset. Just choose "Get Support > Open New Case" above.
... View more
Jul 17, 2019
07:20 AM
4 Kudos
No, SVM 2019 does not perform assessment based on a simple inventory. Such often does not provide the granularity necessary to determine the specific build of an installed application which is necessary to confirm if the installed version is vulnerable or not. To accomplish this we leverage file signatures (both a quick and accurate method).
The good news is that you do not need to install the agent to perform a scan. Many customers choose to simply run the SVM scan as a scheduled task using SCCM, BigFix, Workspace ONE, etc. A simple command line can do the trick and avoids the need for an installation of the agent. Alternatively, SVM can leverage an SCCM inventory if it is configured to collect details about EXE, DLL and OCX files (which are necessary to support a File Signature based scan).
... View more
Jul 16, 2019
11:25 AM
2 Kudos
Yes, the SVM agent is supported on Windows Server 2019 and we will update documentation references accordingly. Thanks!
... View more
Jun 28, 2019
07:27 AM
In Software Vulnerability Manager (formerly Secunia), you can use our white list/black list feature to control what paths are scanned to effectively exclude unwanted applications. Please see the documentation link below and let us know if you have any further questions!
https://helpnet.flexerasoftware.com/csi/Default.htm#helplibrary/Scan_Paths.htm
... View more
Jun 28, 2019
06:58 AM
1 Kudo
Thanks @RDanailov . Worry not, I'm monitoring the forums and captured the feedback. I'm hoping to have our ideation capability up soon which will be much better than this, but I actually prefer individual forum topics over one large thread like this because the back and forth becomes a bit hard to follow with several topics going on in a single thread.
... View more
Jun 24, 2019
04:00 PM
1 Kudo
UPDATE 8/17/2019: The move to AWS is complete!
As a result of this move, we have changed the SSL certificates of https://csi7.secunia.com. The certificate chain is different and the Certificate revocation list (CRL) distribution points have changed as well with the new certificates.
If you with to whitelist the URLs explicitly on your proxy and firewall, then we recommend the list documented here.
UPDATE 8/1/2019: We are planning to move from our Copenhagen-based data center to Amazon Web Services (AWS) in Ireland for increased security, performance and stability. We remain on schedule and will make this change on August 16th. The URL is not changing, so this should not impact most users. However, if you are using a static IP address to reference this server, or to whitelist access to the server, it is important that you update such to refer to the server by name instead. We are moving to Dynamic DNS for increased reliability going forward which necessitates the need to use names instead of IP addresses from this point forward. On August 17th you are encouraged to refresh any IP/Name DNS cache entries you may have on your end to expire any stale DNS pointers. Scheduled Times PDT: August 16th 03:00 pm - August 18 10:00 am UTC: August 16th 22:00 pm - August 18 17:00 pm AEST: August 17th 8:00 am - August 19th 3:00 am For up to the minute status of availability, click here. Original Message: Some good news for our SVM Cloud customers: we are planning to move from our Copenhagen-based data center to Amazon Web Services (AWS) in Ireland for increased security, performance and stability. Our tentative plan is to make this move between August 16 - 18 and may result in a temporary outage while necessary updates are propagated. We will communicate again closer to the actual move with more details and optional measures you may wish to take, but you should not need to take any action (the URL used to log in will not change). If you have any questions or concerns, please contact support or reply here.
... View more
- Tags:
- SVM
Jun 21, 2019
01:22 PM
Hi @ScottDonofrio ! Please correct me if I'm mistaken, but this seems like feedback for InstallShield (perhaps as part of AdminStudio) but not Software Vulnerability Manager (SVM). Please confirm and we can move this to the appropriate forum.
... View more
Jun 18, 2019
12:51 PM
This is the right place to ask this question.
Can you offer more details? If you have the MSI package, is that not the installer? Maybe it was the captured cache MSI for uninstall only. As it is already a virtualized state, repackaging it won't be an option. I would suggest tracking down the original installer (it must be an in-house application and there is no vendor you can go to?).
AdminStudio can create Thinapp packages, but I'm not aware of a "tool" that will take a virtual application and make it normal again - definitely an uncommon situation you find yourself in here.
... View more
Jun 10, 2019
12:37 PM
1 Kudo
Have you looked at https://learn.flexera.com/series/tech-operations-with-adminstudio
... View more
May 29, 2019
12:53 PM
You might also consider leveraging a PowerShell or EXE Wrapper.
... View more
Re: Why 9apps not working


May 16, 2019
03:04 AM
May 16, 2019
03:04 AM
Can you offer more information about your situation?
Have you have created your own patch and are trying to publish such with SVM 2019, or are you are trying to install it manually/interactively on a single system?
... View more
About
Founder of ITNinja (formerly AppDeploy), author, Microsoft MVP and regular speaker on topics related to application and desktop management and security. Check out a portfolio of my work at https://www.bkelly.com
Director, Product Management
Charlotte, NC
Latest posts by bkelly
Subject | Views | Posted |
---|---|---|
142 | May 05, 2022 12:49 PM | |
162 | Mar 31, 2022 07:50 AM | |
184 | Mar 29, 2022 09:33 AM | |
113 | Mar 28, 2022 11:13 AM | |
159 | Mar 28, 2022 11:07 AM | |
171 | Mar 28, 2022 10:42 AM | |
311 | Feb 23, 2022 08:00 AM | |
309 | Feb 23, 2022 07:34 AM | |
356 | Feb 22, 2022 08:22 AM | |
199 | Jan 26, 2022 12:39 PM |
Activity Feed
- Got a Kudo for Flexera SVM and Microsoft Internet Explorer EoSL. May 05, 2022 11:01 PM
- Got a Kudo for Flexera SVM and Microsoft Internet Explorer EoSL. May 05, 2022 01:23 PM
- Posted Flexera SVM and Microsoft Internet Explorer EoSL on Software Vulnerability Management Blog. May 05, 2022 12:49 PM
- Kudoed Monthly Vulnerability Insights: April 2022 for raslam. May 04, 2022 02:55 PM
- Got a Kudo for Re: Google Chrome version 100. Mar 31, 2022 04:47 PM
- Posted Re: Google Chrome version 100 on Software Vulnerability Management Forum. Mar 31, 2022 07:50 AM
- Posted Re: CISA Known exploited vulnerabilities integration? on Software Vulnerability Management Forum. Mar 29, 2022 09:33 AM
- Posted Re: Miktex - Addition to VPM on Software Vulnerability Management Forum. Mar 28, 2022 11:13 AM
- Posted Re: Brady Workstation - Addition to VPM on Software Vulnerability Management Forum. Mar 28, 2022 11:07 AM
- Posted Re: Brady Workstation - Addition to VPM on Software Vulnerability Management Forum. Mar 28, 2022 10:42 AM
- Got a Kudo for Re: Secunia PSI Download error massages. Feb 23, 2022 08:01 AM
- Posted Re: Secunia PSI Download error massages on Software Vulnerability Management Forum. Feb 23, 2022 08:00 AM
- Posted Re: view or work only with 'Secunia' patches in advance on Software Vulnerability Management Forum. Feb 23, 2022 07:34 AM
- Posted Re: view or work only with 'Secunia' patches in advance on Software Vulnerability Management Forum. Feb 22, 2022 08:22 AM
- Got a Kudo for How Many Patches Does Flexera Have?. Feb 21, 2022 04:05 AM
- Got a Kudo for How Many Installers Does AdminStudio Package Feed Module Cover?. Feb 21, 2022 04:04 AM
- Got a Kudo for How Many Patches Does Flexera Have?. Feb 18, 2022 08:17 AM
- Got a Kudo for How Many Installers Does AdminStudio Package Feed Module Cover?. Feb 18, 2022 07:31 AM
- Got a Kudo for How Many Installers Does AdminStudio Package Feed Module Cover?. Feb 18, 2022 07:31 AM
- Got a Kudo for How Many Installers Does AdminStudio Package Feed Module Cover?. Feb 18, 2022 07:31 AM