Christian Hindre, Flexera Software: the best starting point to protect data is the implementation of vulnerability management software tools
September 2016 by Marc Jacob
Flexera Software, a specialist in managing licenses recently acquired Secunia Reseach to add to its range a vulnerability management offering. Therefore, Flexera Software transforms software asset management practices by combining security products with existing solutions for Software License Optimization and Application Readiness. Christian Hindre, Sales Director Europe, Flexera Software, the best starting point to protect their data is the implementation of vulnerability management software tools to close these entry points.
GS Mag : Can you present Flexera Software in a few words ?
Christian Hindre : Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products.
GS Mag : Last year, Flexera has acquired Secunia, which are the objectives of this acquisition ?
Christian Hindre : Flexera Software acquired Secunia Research to add Software Vulnerability Management solutions that reduce cybersecurity risks. Together, we are transforming Software Asset Management practices by combining security products with existing Software License Optimization and Application Readiness solutions. We are also changing the game by connecting the strategic dots between Software Asset Management and cybersecurity. And by harnessing the synergies between Software Asset Management and Software Vulnerability Management, Software License Optimization takes on even greater critical importance in centralizing core software asset management functions while minimizing software spend, software license non-compliance and cybersecurity risk. Organizations are now able to leverage asset management insights combined with vulnerability data to rapidly address the most relevant cybersecurity threats. Other IT disciplines will all immediately benefit from the success and maturity of Software License Optimization and IT asset management processes that are developed and applied for cybersecurity.
GS Mag : What is your flagship product in 2016/2017 ?
Christian Hindre : Vulnerability Intelligence Manager is a powerful software vulnerability management solution that facilitates effective reduction of the attack surface for cybercriminals, based on verified intelligence from Secunia Research, covering all applications and systems across all platforms. It drives prioritization by handling intelligence, workflows, tickets and alerts, and documents the steps to mitigate the risk of costly breaches. Our customers benefit from the expertise of our vulnerability research team who analyze the hundreds of potential vulnerabilities reported every day and deliver relevant and timely intelligence. Security teams and management have direct access to functionality using any device to continuously protect their critical assets.
Corporate Software Inspector empowers IT Operations teams to continuously identify vulnerable applications and apply security patches – before vulnerabilities that lead to costly breaches can be exploited. The solution leverages verified vulnerability intelligence and assesses over 20,000 applications, delivering tested patch packages for non-Microsoft applications, accelerating identification of vulnerabilities, driving their prioritization and reducing time to patch. Corporate Software Inspector is the preferred security patching solution for more than 1,000 enterprises worldwide. They benefit from our seamless integration with Microsoft products to simplify assessment of security status and patching of critical, non-Microsoft applications.
GS Mag : What is your primary target customer?
Christian Hindre : Our primary target customers are enterprises in the financial, healthcare, education, defense and energy/utility industries, as well as government entities – all of which require strong, relevant and regulated IT and information security strategies. However our large customer base spans all industries and company sizes.
GS Mag : What are the strong points of your offer ? services ?
Christian Hindre : Our Software Vulnerability Management solutions are founded on vulnerability intelligence by Secunia Research at Flexera Software. Our team is renowned for its accuracy, is the guarantor that the information our customers receive through our solutions is much more than just information. It is verified intelligence, which has been scrutinized and rated before being submitted to our users in alerts that are customized to their environment and requirements. Our skilled and dedicated researchers work diligently to uncover and coordinate the disclosure of software vulnerabilities, and also to verify any software vulnerability reported by other sources. We collect information from public disclosure lists and has custom-built robots crawl the internet for breaking news and rumors about new disclosures.
The result of this work is our Vulnerability Database, an unmatched catalog of over 50,000 applications which dates back to 2003. Our vulnerability research and our proprietary database are the foundation of our Software Vulnerability Management product portfolio which is developed to support the entire Software Vulnerability Management lifecycle. We also verify, test and write detailed advisories on vulnerabilities for all of the products in our database. In addition, we offer implementation services to help customers integrate their systems and policies, strengthen their infrastructure, and protect themselves against cyberattacks.
GS Mag : How do you accompany your clients ?
Christian Hindre : We have a designated team to ensure our customers are satisfied, since our absolute number-one priority is making our customers successful.
GS Mag : How is your sales department organized ?
Christian Hindre : We work with our customers through direct and channel sales, including sales operations and enablement, for the enterprise. We also utilize a number of French partners.
GS Mag : How is your technical support / assistance organized ? Christian Hindre : Support is included for our Vulnerability Intelligence Manager and Corporate Software Inspector products. We have an expert team of dedicated professionals that are available to answer questions and assist our customers. This support team is available during normal business hours in North America and Europe. Customers can also use our online system to log a case.
GS Mag : To conclude, what is your message to our readers ?
Christian Hindre : Every year, thousands of software vulnerabilities are discovered in thousands of products. Exploitation of vulnerabilities can cause extensive damage to organizations. However, vulnerabilities can be exploited in different ways and have different impact for organizations. As a general rule, extremely critical vulnerabilities need to be dealt with straight away. Others are not very critical, and can be dealt with in due time. Security teams need to match their own environment with the vulnerabilities that are discovered, assess the risk the vulnerability poses, and prioritize mitigation of the vulnerability. This is important because the majority of successful cyberattacks against organizations worldwide use known software vulnerabilities to gain access or escalate privileges inside corporate IT infrastructures. Once hackers have successfully exploited a vulnerability, they have the base to roll out their attack, moving around systems, collecting information, and deploying malware to steal or destroy business-critical information or cause disruption. For organizations, the best starting point to protect their data is to implement Software Vulnerability Management tools to close those entry points, before they can be exploited. The right set of tools provides timely, relevant and comprehensive intelligence from a trusted source about vulnerabilities discovered and disclosed every day that could impact the environment; and it enables IT teams to act on that information – either by applying a tested security patch, or applying work-arounds like sectioning off the vulnerable application from business critical data. Well implemented Software Vulnerability Management processes effectively reduce the attack surface for cybercriminals and hackers, consequently reducing the risk of security breaches. To assess the risk accurately, vulnerability intelligence from a trusted Software Vulnerability Management resource is essential. Vulnerability intelligence – unlike vulnerability information - means that reported vulnerabilities are actually verified, with additional intelligence, delivered in a format security teams can use and act upon, which explains how to handle the issue. Moreover, it means that the intelligence has been tested, vetted and is relevant – so that the intelligence delivered pertains only to vulnerabilities in products relevant to the specific environment.