14 DAY TRIAL // Few users think of the exposure of their system on account of security vulnerabilities available in the various programs installed. Secunia PSI (Personal Software Inspector) has been conceived as a simple, effective and automatic way to keep your software updated to the latest secure version. Its purpose is to inform you of installations that have been reported as vulnerable.
Unlike applications designed to compare the version of the software available on your computer to what the developer has to offer, Secunia PSI puts security above all updates. Thus, it will not urge you into updating an application just because a new release has been issued, but only if the edition on your PC presents security advisories and a newer, patched one is available.
Being one of the largest and most reliable providers of vulnerability intelligence, Secunia has built a hefty database with software advisories and keeps a good tab on applications and their security holes. Personal Software Inspector relies heavily on the said database as well as on the user community reports. The best part is that it is free of charge.
Installing the application requires some attention, but not because it pushes third party software on your system but because the procedure contains configuration screens. These refer to enabling auto-updates for some insecure and end-of-life programs and the display of full information the moment a change is operated (name of the program that is installed or removed).
Once launched, PSI analyzes the system drive for vulnerable programs by default. Other drives can be included in the sweep as well, from the configuration menu. The results returned show the program state, threat rating (if applicable), the version number detected on your system and the recommended solution (if applicable).
As far as the interface of the application is concerned, it is nothing complicated once you get used to all its knobs. However, at a first glance it can seem pretty daunting due to the amount of information available. At a closer look you’ll notice that all the bits of details are actually quite easy to assimilate.
Also, the amount of options is pretty limited. Running down in the left hand part of the screen are all the options to handle the program and learn the overall state of the programs available on the system (under Dashboard). This includes the date and time of the last scan, informs you if auto-updates are enabled, and shows the current state of the programs as well as the worst one.
Besides the state of the program, scan results window is also a means to find out a specific program was labeled as insecure. Generally, the message is that version than the version installed on your computer is outdated and there is a newer one containing security fixes.
Programs can be marked individually for automatic updates. All you have to do is set the default language and Secunia PSI will start the updating process. If you are advised to install a new version of the product, Personal Software Inspector starts a direct download (if possible) or opens up the developer’s/vendor’s website for you to choose the latest version.
For all the items detected on the system the application puts at your disposal all the information Secunia has. This covers advisories, product page on Secunia, or the discussion forum page involving the selected element.
The list of shortcuts available does not end at this, though. Personal Software Inspector lets you re-scan the program as well as open up Windows’ uninstaller to remove the product. Moreover, if you encounter problems updating a software you can create a troubleshoot report you can show to members of the community to help you solve the issue.
Actual scan times take very little to complete and covers all programs files on the drives for which it is enabled. During the process information is being exchanged with Secunia servers and details on the operating system are collected. Microsoft Update is used to determine if there are patches needed by the system.
All information exchange is done through an encrypted SSL connection, so snoopers can’t extract anything, and nothing personal is collected from your computer. In our case the entire procedure required very little time to complete (less than a minute) and the results were accurate.
Advanced users will find in the application a special section dedicated just for them: Secure Browsing (activate the feature from the configuration window). It practically tells you if there are any browser plugins (Flash, Java, Adobe Reader, .NET Framework, etc.) present vulnerabilities.
Even if your web browser is patched against the latest vulnerabilities you can still be the victim of an attack due to exploits found in these add-ons. What PSI does is present all browsers installed on the computer and bring to light the additional components’ security issues. We noticed that Internet Explorer is not listed here, and we assume that the reason for this is that the product is updated through Microsoft Updates.
Customizing the behavior of PSI is a walk in the park. There are few options at hand, and all of them are clear to understand and easy to enable. Two of the most useful choices are to set it to start with Windows and continuously monitor program installation and removal. It can also be configured for auto-updating insecure items, alert you of running such updates or show detailed program changes.
On the downside, during our tests the app failed to detect in some cases the presence of new software on the monitored drives. We figured that a 30-minute wait was too much for real-time monitoring and manually started a scan, which solved the problem.
By default only system drive is enabled for scanning, but you can add any other partition. In our case PSI detected all program installations on the test computer and included even portable apps. If you want it to skip specific folders from the scan it lets you create an exclusion list with all the paths you wish out.
Apart from the interface issues we ran into when maximizing the application window PSI gave us no trouble. However, we have to report that sometimes the app had an increased RAM usage that reached even 94MB, with no scan running. On the other hand, when running in the background, the agent required as little as 10MB.
In case of a vulnerable program and there is a newer, better version you are either given a direct download link or sent to the web page providing the download. Automatically updating the programs (where possible) is also on the list of PSI’s advantages. In our case it did recognize most of the software, but there were some pieces we sent to be added to their database. We experienced some trouble with the real-time detection of new programs but apart from this, performance-wise everything worked fine.
The Good
The Bad
The Truth
