New Silverback Upgrade Assesses Vulnerabilities

Silverback Technologies Inc. is jumping on the patch management bandwagon.

Silverback Technologies Inc. is jumping on the patch management bandwagon with a new version of its resource monitoring software that adds vulnerability assessment.

Release 3.8 of SilverBacks namesake software for monitoring network, system, application and firewall availability and performance for midsize customers emphasizes the ability to identify, prioritize and mitigate Windows vulnerabilities, officials said.

"Were doing the assessment piece. We dont do mass deployment of patches," said Deb MacCallum, co-founder and vice president of research and development at SilverBack, in Billerica, Mass. "We update our customers on any applications in their environment and let them know where they stand [with new Microsoft Corp. bulletins]. They can see across the board how many outstanding patches they need to deploy or how many SQL Server machines would be affected by attacks [against those specific servers]."

With Microsoft "on a path to do 300 patches this year," staying current and prioritizing which vulnerabilities need the most immediate attention can be difficult—especially for organizations with small IT staffs.

That the patch management function does not do patch deployment doesnt bother new users at the Minnesota Housing Finance Agency. "I just want to identify whats out there for me to patch my servers. I can use this software instead of having to check myself," said Anthony Peleska, technical services lead at the state agency, in St. Paul.

The tool employs the same interface used for firewall monitoring, operating system tracking and reporting, virus screening, and so on. Users can also pull down patches through the user interface.

The new release, which adds other security functions, can scan for and report on viruses as well as unauthorized guest accounts and version vulnerabilities. It also tracks security events for Windows servers such as changes in accounts or policies.

New firewall monitoring functions include the ability to detect unauthorized connection or port scan attempts on firewall and virtual private network products from Cisco Systems Inc., Check Point Software Technologies Ltd., WatchGuard Technologies Inc., SonicWall Inc. and NetScreen Technologies Inc.