Corporate Software Inspector 2016 R8 (On-Premises Edition)

Release Notes

September 2017

Introduction

Flexera’s Corporate Software Inspector is a Vulnerability and Patch Management Software Solution that completes and targets the Patch Management process. It combines Vulnerability Intelligence, Vulnerability Scanning, and Patch Creation with Patch Deployment Tool Integration to enable targeted, reliable, and cost-efficient Patch Management.

Vulnerability and Patch Management are critical components of any security infrastructure because they enable proactive detection and remediation of vulnerabilities before they are actively exploited and your security is compromised. With Corporate Software Inspector, IT Operations and Security Teams are empowered to take control of the Vulnerability Threat from both Microsoft and non-Microsoft (third-party) product vulnerabilities, covering Microsoft Windows, Mac OSX, and Red Hat Enterprise Linux.

Corporate Software Inspector scanning technology takes a different approach than other vulnerability scanning solutions by conducting non-intrusive scans to accurately identify all installed products and plugins on the system.

Corporate Software Inspector integrates seamlessly with Microsoft® WSUS and System Center Configuration Manager.

New Features

Corporate Software Inspector 2016 R8 (On-Premises Edition) includes the following new features:

Randomizing the Agent Scan Schedule
Flexera Software Package System (SPS) Timestamp
All Missing Microsoft Knowledge Base (KB) articles affecting any Microsoft product now available via new table in the database console screen
Header Security for Red Hat (RH)6, RH7 and Virtual Appliance (VA)
Export option has been added in Scan Results

Randomizing the Agent Scan Schedule

Corporate Software Inspector now has a command line option to set up a random scan schedule to stagger the scanning of multiple machines within a system. This command line applies to all platforms.

csia.exe -c -si <scan interval upper limit>

“si” stands for scan interval; the upper limit of the scan interval is specified in minutes.

For example, csia.exe -c -si 20 means that the scanning agent starts scanning after a random delay of 1 to 20 minutes (CSIL-8199).

Flexera Software Package System (SPS) Timestamp

The Flexera SPS Timestamp setting allows users to track when a patch was deployed to its system when creating a patch with the Flexera SPS.

Under the Flexera SPS Timestamp drop-down menu, you can select the default “No timestamp required” option or the appropriate timestamp provider (CSIL-8259).

Important • To ensure the Flexera SPS Timestamp setting appears in the Corporate Software Inspector Configuration module, you must refresh the cache in your browser. You can use the shortcut key CTRL+R.

All Missing Microsoft Knowledge Base (KB) articles affecting any Microsoft product now available via new table in the database console screen

A new table csi_ms_missing_kbs has been added. This table is populated by the daily cron job script generate_historical_data.php and provides a cumulative listing of all missing KBs found by Corporate Software Inspector scans for Microsoft products. Corporate Software Inspector R8 allows administrative users to access the cumulative report of KBs for a Microsoft product (CSIL-8263).

Note • This feature does not add any new scanning ability; rather, it summarizes all the missing KBs for Microsoft products found in scans.

Header Security for Red Hat (RH)6, RH7 and Virtual Appliance (VA)

The following security headers have been added to the Corporate Software Inspector website to make it more secure (CSIL-8307).

Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"
Header set X-Content-Security-Policy: "script-src 'self'"
Header set X-XSS-Protection: "1;mode=block"
Header set X-permitted-cross-domain-policies: "none"
Header set Strict-Transport-Security: "max-age=31536000;includeSubDomains"
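
To confirm after an upgrade that the console actually returns the headers listed above, the response head can be checked against that list. The following is an added example, not part of the Flexera release notes or product; the sample response is constructed, and the function names are hypothetical.

```python
import re

# Headers and values exactly as listed in the release notes (CSIL-8307).
EXPECTED = {
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "sameorigin",
    "X-Content-Security-Policy": "script-src 'self'",
    "X-XSS-Protection": "1;mode=block",
    "X-permitted-cross-domain-policies": "none",
    "Strict-Transport-Security": "max-age=31536000;includeSubDomains",
}

def _norm(value):
    """Lower-case, collapse whitespace, drop spaces around ';'."""
    value = re.sub(r"\s+", " ", value.strip().lower())
    return re.sub(r"\s*;\s*", ";", value)

def parse_headers(raw):
    """Parse a raw HTTP response head into {lower-case name: value}."""
    headers = {}
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                          # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def audit(raw):
    """Return {header: 'ok' | 'missing' | 'mismatch: <value seen>'}."""
    seen = parse_headers(raw)
    report = {}
    for name, want in EXPECTED.items():
        got = seen.get(name.lower())
        if got is None:
            report[name] = "missing"
        elif _norm(got) == _norm(want):
            report[name] = "ok"
        else:
            report[name] = "mismatch: " + got
    return report

# Constructed sample response, not captured from a real CSI server.
SAMPLE = "\r\n".join([
    "HTTP/1.1 200 OK", "Content-Type: text/html",
    "x-content-type-options: nosniff", "X-Frame-Options: DENY",
    "X-Content-Security-Policy: script-src 'self'",
    "X-XSS-Protection: 1; mode=block",
    "Strict-Transport-Security: max-age=31536000; includeSubDomains",
]) + "\r\n\r\n"

if __name__ == "__main__":
    for header, status in audit(SAMPLE).items():
        print(f"{header}: {status}")
```

X-Content-Security-Policy is the legacy prefixed header name; current browsers act on Content-Security-Policy, so confirm which header the browsers used with the console honor.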

Export option has been added in Scan Results

After you receive your scan results, you can export them to a CSV file. The scan results can be exported with various product options including End of Life (EOL), Patched, and Insecure (CSIL-6872).

Resolved Issues

Corporate Software Inspector 2016 R8 (On-Premises Edition) has resolved the following issues:

Advisory Smart Groups: Filter Advisories for a specific time frame
Time from Insecure Version Detection to Update Creation Dashboard element does not work
EOL reports are returning blank lines
Randomizing the Agent Scan Schedule
Partition creation can be interrupted after clicking Save

Advisory Smart Groups: Filter Advisories for a specific time frame

In the View/Edit Smart Group menu, you can filter results by date for the following criteria: Advisory Published, Last Scan Date, and Secunia Advisory ID (SAID) Creation Date. This filtering by date creates a list of all Advisories published on that date (CSIL-6760).

Time from Insecure Version Detection to Update Creation Dashboard element does not work

To clarify how this feature works: when a user creates a Flexera Software Package System (SPS), the Dashboard element Time from Insecure Version Detection to Update Creation shows the 10 most recent patched packages. Because this Dashboard element is user specific, it displays only the packages that are created for the current user. The elapsed time field is the difference between the insecure version detection and the package creation (CSIL-8228).

EOL reports are returning blank lines

EOL reports in the CSV format are no longer generating any blank lines (CSIL-8315).

Randomizing the Agent Scan Schedule

Corporate Software Inspector now has a command line option to set up a random scan schedule to stagger the scanning of multiple machines within a system. This command line applies to all platforms.

csia.exe -c -si <scan interval upper limit>

“si” stands for scan interval; the upper limit of the scan interval is specified in minutes.

For example, csia.exe -c -si 20 means that the scanning agent starts scanning after a random delay of 1 to 20 minutes (CSIL-8199).

Partition creation can be interrupted after clicking Save

Previously when a user tried to create a partition and clicked Save, the user was also able to click Close, which aborted the action. The end result was that the partition was created in the background, but the partition was not shown in Corporate Software Inspector. To address this issue, the Close button is disabled once the user creates the partition and clicks Save (CSIL-6327).

System Requirements

To use the Corporate Software Inspector console, your system should meet the following requirements:

Minimum resolution: 1024x768
Internet Explorer 11 or higher (Scan results can also be viewed from other browsers)
Internet connection capable of connecting to https://csi7.secunia.com
The addresses crl.verisign.net, crl.thawte.com, http://*.ws.symantec.com and https://*.secunia.com/ should be white-listed in the Firewall/Proxy configuration
First-Party cookie settings set at least to Prompt (in Internet Explorer)
Allow session cookies
A PDF reader

Legal Information

Copyright Notice

Copyright © 2017 Flexera. All Rights Reserved.

This publication contains proprietary and confidential information and creative works owned by Flexera and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera is strictly prohibited. Except where expressly provided by Flexera in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera intellectual property rights, whether by estoppel, implication, or otherwise.

All copies of the technology and related information, if allowed by Flexera, must display this notice of copyright and ownership in full.

Intellectual Property

For a list of trademarks and patents that are owned by Flexera, see www.flexerasoftware.com/intellectual-property. All other brand and product names mentioned in Flexera products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.

Restricted Rights Legend

The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.

Disclaimer

Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. The provision of such information does not represent any commitment on the part of Flexera. Flexera makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Flexera shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The software described in this document is furnished by Flexera under a license agreement. The software may be used only in accordance with the terms of that license agreement. It is against the law to copy or use the software, except as specifically allowed in the license agreement. No part of this document may be reproduced or retransmitted in any form or by any means, whether electronically or mechanically, including, but not limited to: photocopying, recording, or information recording and retrieval systems, for any purpose other than the purchaser’s personal use, without the express, prior, written permission of Flexera.