Personal and Corporate Software Inspector
Secunia Personal Software Inspector (PSI), available for Windows operating systems, helps you identify the software installed on your computer and keep it up to date. Secunia PSI scans your computer for thousands of known programs, checks for missing security patches and vulnerabilities in those programs, and reports back to you with information on how to update them.
Download the Personal Software Inspector
IU LSPs who deploy CSI agents to systems should provide notification to the users describing who will use the tool, how, and for what purpose, as well as anticipated use of the resulting information.
For more information about the PSI and CSI products, see:
Frequently Asked Questions
Below are several frequently asked questions about the implementation and use of CSI, including email notices that are sent.
- Why do I need to keep my software updated?
- What are the risks of having vulnerable software installed?
- How did CSI get installed on my computer?
- How does IU know that I have peer-to-peer software installed?
- What information is CSI collecting?
- How is the information about my computer protected?
- If I receive a notice from the UIPO generated by Secunia CSI, does that constitute a disciplinary action and will it affect my academic standing or employment status?
- How can I remove peer-to-peer file sharing software?
- How can I remove the Secunia CSI agent?
- What options are available to IT professionals?
Software and operating systems aren't coded perfectly, and attackers are always searching for vulnerabilitiies. Vendors continually work to patch these vulnerabilities — and when they do, the patches are released in the form of updates. You risk leaving your computer and personal information vulnerable by neglecting to timely update and patch your software.
After software is released, vulnerabilities are frequently found that allow attackers to exploit the program and gain access to your computer and files. Therefore vendors frequently distribute fixes to update the programs and remove the vulnerabilities. When you don't keep it up to date, attackers are able to target you and use the vulnerability to get to your data. So keep your software applications up-to-date by removing or patching vulnerable ones.
The Indiana University versions of PSI and CSI may have been installed on your Windows computer in one of three ways:
- Via Get Connected (if you live in the residence halls)
- Via IUware (if you installed the Secunia PSI from IUware)
- By your department's local support provider (LSP)
The CSI agent that is installed on your computer sends information about the software programs on your computer to the CSI server run by the UIPO.
The CSI agent collects a list of software applications installed, along with their version numbers, and locations on the computer. It does not collect the content of any files. See a detailed response in the "Privacy notice" section of http://kb.iu.edu/data/azfj.html
All data sent from your CSI agent to the CSI server at IU is communicated via an encrypted connection (SSL).
If I receive a notice from the UIPO generated by Secunia CSI, does that constitute a disciplinary action and will it affect my academic standing or employment status?
The notice isn't discipline of itself, but creating risks to institutional data or engaging in unlawful file sharing may lead to discipline and personal liability.
The UIPO licensed Secunia Corporate Software Inspector (CSI) to provide IT professionals with an easy way to monitor software vulnerabilities. Additionally software packages can be patched via Microsoft SCCM or WSUS. IT professionals who run their own WSUS or SCCM servers may be interested in running their own Secunia CSI console account in order to create and push out these patches.
IT professionals who want a console account can contact the UIPO to request an account.
Don't want to run the console?
IT pros who want to take advantage of the CSI but don't want to run the console may distribute the generic Secunia CSI agent and view the results via the UIPO's Self-Service Unblock.
To distribute the agent, link the "IU-UISO-CSI" GPO to your OU. For instructions, visit: Link a Group Policy Object from Microsoft TechNet.