Secunia CSI
What Is It
Secunia Corporate Software Inspector (CSI) is an authenticated software vulnerability and patch scanner which identifies installed programs and missing security patches (3rd party applications and operating system), end-of-life products, and audits that patches were correctly applied. More information about this product is available at http://secunia.com/products/corporate/csi/
How It Benefits Campus
The campus-wide license for Secunia CSI negotiated by OIT will allow groups on campus responsible for patching computer systems (Windows and Mac supported) to have their own CSI account and deploy the product in a way that fits their environment. Once deployed, insecure software on computers they manage can be identified and overall risk level reported. Depending on their current patch deployment solution, CSI may also integrate with that or just verify it is doing its job properly. For people on campus who are not supported directly by their department for patching software, they can legally use the Secunia Personal Software Inspector (PSI) on University-owned machines to scan and patch their own computers. Simply patching operating systems, running anti-virus and using a firewall is no longer "safe enough" anymore. Timely and accurate patching of 3rd party software on systems is incredibly important as it is the #1 cause of infection and computers getting blocked on campus today, and continues to be one our biggest areas of risk. This service makes identifying that risk and dealing with it much easier.
Status
CSI accounts are available by request for groups on campus responsible for patching staff and faculty computers. Contact security@uci.edu for details on getting started. We are also working with ResNet and other channels of communication to students for getting PSI to help protect their personal machines.