ECMDay2015 - Kent Agerlund - Secunia - 10 minutes is all it takes – Managing Microsoft and 3rd party updates with System Center 2012 Configuration Manager & Secunia CSI
Join Kent Agerlund on this tour of handling Microsoft updates and 3rd party updates within a System Center 2012 R2 Configuration Manager environment. During this session, you will learn how to design and configure a Software Update solution that will be easy to manage and yet powerful enough to maintain your server and desktop environment. The session will integrate Secunia CSI 7 with Configuration Manager. Expect to learn tips and tricks that will assist you in solving the daily challenges around patching your environment.
1. Addressing the challenge of patch management with The Secunia CSI and System Center ConfigMngr
William Melby, Regional Director, Secunia
Kent Agerlund, MVP, Coretech
2. CONFIDENTIAL - Secunia Corporate, Product and Roadmap Briefing
Company Overview
Brief Secunia facts
Established: 2002
HQ: Copenhagen, Denmark
Regional office: Minneapolis, USA
Regional development office: Bucharest, Romania
Ongoing collaboration with leading industry organizations
Trusted advisor to thousands of organizations, including CERTs and ISACs, the White House, NATO, NIST, NERC and Mitre.
Employees: 96 FTEs, 25 nationalities
Ownership: DKA Capital
3. Where does the raw intel come from?
Meta-crawler engine searching 3,000 sources
Good relationship with software vendors
Good relationship to community / coordinated disclosure via Secunia
In-house research
What happens with the raw data?
Secunia verifies
Secunia standardizes
How does Secunia Research work?
4. Research Team
The heart and soul of Secunia; the eyes and ears of the industry
One of the largest Vulnerability Intelligence databases on the market
• Database contains vulnerabilities in software products since 2003.
• 50,000+ programs, applications and plug-ins from thousands of software vendors.
• Fully CVE compliant. Data is tested and verified by Secunia’s researchers.
• The database is unique to Secunia and is Secunia IP.
5. Solutions Portfolio
Reliable, transparent, integrated, cloud-deployed solutions
Consumer
Personal Software Inspector (PSI)
Free tool for Vulnerability Management
Safeguard data from cybercriminals
Scans software on PCs and identifies insecure programs
Automatically applies software security updates to keep PCs secure
PSI for Android
Free version for smartphones and tablets
Scans apps downloaded from Google Play as well as apps from external sources
Alerts users to apps with known vulnerabilities
Checks that security updates are performed quickly
Corporate
Corporate Software Inspector (CSI)
Targeted, flexible Patch Management
Secures and updates vital applications
The complete A-Z: Vulnerability Intelligence and Scanning plus Patch Creation and Deployment
Microsoft System Center 2012 and WSUS integration
Scans PCs and Apple Mac OS X
Vulnerability Intelligence Manager (VIM)
Tactical handling of vulnerability threats
Enables pre-emptive action against vulnerabilities in a simple, cost-effective way
Delivers real-time vulnerability alerts
No installation required
6. 13,073 vulnerabilities were discovered in 2,289 vulnerable products.
Vulnerabilities in All Products in 2013: 13,073
A 45% increase in vulnerabilities (5 year trend)
Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
7. In 2013 there were fewer third-party programs in a typical software portfolio, yet these programs accounted for the majority of vulnerabilities. It is not enough to only patch Microsoft programs or the ‘usual suspects’.
Enterprise Challenge: Knowing What to Patch
Secunia brings visibility and solutions to vulnerability threats
Source: “Secunia Vulnerability Review 2014.” http://secunia.com/vulnerability-review/
8. 86% of vulnerabilities had patches available on the day of disclosure.
You can patch most vulnerabilities – the trick is knowing what to patch.
Time to Patch! Top 50 Software Portfolio
Patch availability on the day of disclosure is increasing
Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/
10. From Patch Management to Software Vulnerability Management
11. The only security solution for patch management
Rich security content: Vulnerability Intelligence
Proprietary vulnerability database
Software inventory scanner: 20,000+ applications
Tested patches
Secunia Packaging System:
Disabled adware, EULA, shortcuts
Single-click configuration options
Enterprise ready
The Secunia CSI
How we are different
12. Patch Management = Patch deployment
No synergy between security assessment and patch activities
Focus on the most common applications
Dependency on vendor information
Non-prioritized patching process
Non-rated patch content (criticality)
Focus on content rather than assessment and prioritization
Patch Management
Challenges and Misconceptions
13. The Secunia CSI
We support the entire Software Vulnerability Management Lifecycle
14. Introduction to the Secunia CSI
Combining scanning and patching to meet the requirements of both IT security and operations
It’s not enough to detect the vulnerabilities if you can’t patch them. It’s not enough to have the patches, if you don’t know where to apply them.
Secunia CSI gives you the when, the where, the what and the how:
This combination of vulnerability intelligence, vulnerability scanning, patch creation and patch deployment is unique in the industry.
15. Coverage
Scan/assess the security state of practically all legitimate programs running on Microsoft Windows Platforms.
Scanning support for Windows, Apple Mac OS X, Red Hat Enterprise Linux (RHEL) and Android platforms.
Sources Secunia’s Vulnerability Intelligence Database, covering all off-the-shelf programs.
CSI Feature Highlights
Complete, flexible, unique – it works the way you do
Overview
Smart Groups filter and segment data according to products, devices or advisories.
User group accounts based on roles and permissions.
Exact mapping of infrastructure and users to ensure environments are in sync.
Integration
Manage and publish packages using third-party patch deployment solutions (Microsoft WSUS/System Center 2012 or Altiris).
Secunia VIM: automatically create/update asset lists based on Secunia CSI’s scan results.
Secunia PSI 3.0/PSI for Android: manage decentralized PCs/Android devices.
16. Management
Comply with regulatory standards (e.g. PCI-DSS or NERC-CIP) regarding the patching of programs.
Utilize your existing infrastructure to enforce security levels, i.e. Microsoft System Center 2012.
Enable policy enforcement and document your compliance efforts in the case of a breach.
Operations
An overview of the security state of all programs installed across endpoints and servers for effective prioritization of patching efforts.
Cross-platform scanning and patching of non-Microsoft programs.
Automatic package creation, plus access to out-of-the-box packages.
Security
Pinpoint the exact vulnerabilities affecting your network and verify security levels (Microsoft, third-party and custom programs).
Audit, enforce and document patching levels based on in-depth intelligence.
Secure your off-site assets.
CSI Key Takeaways
What’s in it for you?
17. Strengths:
Complete coverage of Microsoft applications
Complete coverage of Windows Client OS
Good deployment capabilities (“Supersedence”, “Dependencies”)
Weaknesses:
No content for 3rd Party (non-Microsoft) applications
No tool for supporting patch management of non-Microsoft applications
The Patch Management Challenge with Microsoft System Center
“Microsoft Configuration Manager does not provide automated patch management for other products, such as Adobe applications (other than Reader and Flash), Java, Firefox, Chrome, and Skype. Organizations must patch these types of applications by doing their own patch research, repackaging or scripting the updates, and pushing through Configuration Manager.”
18. Stay Secure
www.secunia.com
Secunia
Mikado House, Rued Langgaards Vej 8, 4th floor
DK-2300 Copenhagen S
Denmark
Phone: +45 7020 5144
Fax: +45 7020 5145
Secunia Inc.
Lake Calhoun Business Center, Suite 420
3033 Excelsior Boulevard
Minneapolis, MN 55416
USA
Phone: +1 888 924 8265
Fax: +1 888 924 8266