Drat! I knew a notification asking me to “view an important message regarding the future of this product” for Secunia’s Personal Software Inspector probably wasn’t good news. Once again, I took no pleasure in being right. That’s because the message was that it will soon be time to say “Bye bye Secunia PSI!” (That’s almost how the company entitled their explanatory blog post, too: “It’s time to say goodbye to PSI.”) Here are the relevant screen captures:
Less than two months left before end-of-life comes to Secunia PSI. It’s been a mainstay for me for at least a decade. Bummer!
After Bye Bye Secunia PSI, Then What?
Good question! There’s a Flexera CSI (Corporate Software Inspector), which costs money to obtain. I’ve sent them an email asking about their pricing and availability for 15 seats (I have 8 PCs currently, have had as many as 12 here at Chez Tittel at one time, and want to leave some room for growth). I’m hoping it’s not too horribly expensive, because I really want to keep up with the anywhere from 40-120 applications and apps resident on the local tablets, laptops, and PCs around here. Thanks to the labeling and language on the Flexera website, I’m pretty sure that this fits into their Software Vulnerability Manager product.
But looking around for other drop-in (and free) replacements for PSI, I don’t see a whole lot that provides similar capability with equal ease of use. Sure, there’s the Microsoft Baseline Security Analyzer (MBSA) but it doesn’t automate patching or fixing the holes that it finds. Then there’s BeyondTrust’s free vulnerability scanner, Retina Network Community. But I see that it requires an IIS server and an MS SQL Server to be installed (and it can’t reside on a domain controller or Small Business Server, either). Sounds like more work that I want to do. But that’s it. All the other programs I read about (see Eric Geier’s 2014 Network World story “6 free network vulnerability scanners” as a typical case in point) either limit the scope or the number of scans you can use their tools for. The level of automation also leaves a lot to be desired.
Hmmmm. This is going to leave an interesting gap in my defenses. Hope it doesn’t prove too time-consuming, effort-laden, and expensive to fill. Sigh.