I hope you are all doing well. I am reaching out to seek your valuable insights and expertise on a critical matter. As part of our network’s security and maintenance efforts, I am looking for effective methods to detect and address obsolete versions of applications and platforms across our network.
As technology advances rapidly, outdated software can pose significant security risks and lead to vulnerabilities in our network infrastructure. To ensure the security and stability of our systems, it is essential to identify and address any obsolete versions of applications and platforms.
I am particularly interested in finding solutions that can scan and detect obsolete versions of:
Operating Systems: Including Windows, Linux distributions, and macOS.
Software Applications: Such as web browsers, office suites, email clients, media players, and other commonly used applications.
Server Software: Like web servers, database servers, FTP servers, and others.
Framework and Runtime Environments: For example, .NET Framework, Java Runtime Environment (JRE), and others.
Security Software: Including antivirus, firewalls, and other security-related applications.
Ideally, the solutions should provide clear information about the version status, highlight potential security risks, and offer guidance on upgrading to the latest supported versions.
If you have experience with effective tools, scripts, or methodologies that can help us achieve this goal, I would greatly appreciate your input. Whether it’s through automated scanning tools, PowerShell scripts, third-party software, or manual approaches, I am eager to explore various options to meet our network’s security needs.
Please share your knowledge and suggestions in the comments below. Your expertise will be invaluable in helping our network stay protected and up-to-date.
Thank you all in advance for your assistance and collaboration.
So I mean, that’s what InsightVM does. If you already have InsightVM and are using authenticated scanning or have deployed the InsightAgent then you are most likely already assessing for all of the things you mentioned above. The InsightAgent being local to the system is essentially an authenticated scan and will populate all of the known vulnerabilities for the OS or any software you have installed on that endpoint. For other things in your environment that do not have the agent installed, you will want to set up credentials for authenticated scanning to get the most verbose results of the actual vulnerabilities on that system.
Without an authenticated scan, the best that InsightVM can do is get the network-level vulnerabilities that include things like default accounts, TLS version, etc.
Now, if your question is more focused on specifically how you can report on those findings specifically through InsightVM, then that’s a different conversation and I would be happy to walk through that as well.
Thank you for your prompt response and valuable insights regarding InsightVM. Your explanation of how InsightVM works, especially in terms of authenticated scanning and the role of the InsightAgent, has provided clarity on how the tool assesses vulnerabilities for our endpoints.
Regarding your mention of reporting on the findings specifically through InsightVM, I would indeed appreciate your guidance on this matter. Having a comprehensive understanding of how to generate reports on the vulnerabilities identified, especially those related to non-agent-installed systems, would greatly enhance our ability to take proactive measures in addressing potential security risks.
Additionally, I understand that InsightVM may have limitations when it comes to detecting all obsolete versions due to its database size of known obsolete versions. It would be helpful to gain further insights into how InsightVM identifies obsolete versions and its approach to detecting platforms like Splunk, as you mentioned.
Your expertise in walking through these specific aspects will undoubtedly contribute to our efforts in strengthening our network security and ensuring we have a robust vulnerability management approach.
Once again, thank you for your willingness to provide further assistance, and I look forward to discussing the reporting capabilities and detection methods in more detail.