Testing Secpod Saner Personal vulnerability scanner

SecPod Technologies is an information security products company located in Bangalore, India. They are also known as top OVAL Contributor and NVT vendor for OpenVAS. Besides the products designed for a big enterprises (vulnerability scanner Saner Business and threat intelligence platform Ancor), they have either vulnerability and compliance management solution for personal use – Saner Personal. And personal means that this scanner will scan only localhost. It’s free, SCAP-compatible, it has remediation capabilities. And it works. =)

Secpod Saner Personal scanning results

Saner Personal is available for Windows, Linux and MacOS X. I have downloaded version for Windows here:

http://secpod.com/download-endpoint-security-software.html#

File SpSanerFree.exe 18.4 MB

I have installed it in Windows 8.1 Enterprise. Installation process is straightforward. No attempts to install bloatware.¬† It took 47 MB. With downloaded SCAP content and scan results size folder “C:\Program Files (x86)\SecPod Saner” is 252 MB.

Secpod Saner Personal installation Secpod Saner Personal installation Secpod Saner Personal installation

When installation was finished, SecPod Saner asked me to input CAPTCHA. No other registration was required.

Secpod Saner Personal  asked me to input CAPTCHA

Right after that it started to download and install SCAP-content: OVAL definitions for vulnerability and compliance scanning.

Secpod Saner Personal started to download and install SCAP-content

And without asking started system vulnerability and compliance scanning.

Secpod Saner Personal started system vulnerability and compliance scanning

Full scan took about 2 minutes. No vulnerabilities were found. But there were 22 configuration problems.

Secpod Saner Personal no vulnerabilities were found

When i clicked on “Click here for details” (under the frightened panda ^_^), Saner opened results section. Software inventarisation seemed ok. I think normally there should be an information about vulnerabilities, but unfortunately there were no vulnerable software on my host.

Secpod Saner Personal scanning details

Compliance section were more interesting.

Secpod Saner Personal Compliance section

CCE links are going to scaprepo website.

secpod saner (17)

Click on information icon opened a window with description of remediation process.

Secpod Saner Personal  window with description of remediation process

I have tested remediation of “Turn off Autoplay”.

Secpod Saner Personal remediation

Click on “Fix”. Queued… Installing… Fixed!

Secpod Saner Personal remediation Queued Secpod Saner Personal remediation Installing Secpod Saner Personal remediation Fixed

After performed remediation rescan is required.

Secpod Saner Personal rescan

Yep. One compliance issue is gone.

Secpod Saner Personal compliance issue is goneSecpod Saner Personal compliance issue is gone

Settings. It is possible to set up modes for scanning (vulnerabilities and compliance), directory for OVAL content, scheduler for updates and scanning, automated remediation mode, proxy server for internet access and language (but only English is available).

Secpod Saner Personal settings Secpod Saner Personal settings Secpod Saner Personal settings Secpod Saner Personal settings Secpod Saner Personal settings Secpod Saner Personal settings

SecPod Saner version 1.4.0.0 built on Sep 4 2015.

Secpod Saner Personal version 1.4.0.0 built on Sep 4 2015

License for one year.

Secpod Saner Personal License

And finally, I wanted to mention that content is stored openly in standard format and you can always verify what OVAL definitions was evaluated on the host and how. All results are stored here, in “compliance” and “vulnerability” folders in OVAL Results and OVAL System Characteristics formats.

Secpod Saner Personal content is stored openly in standard format

OVAL content from download.zip file.

Secpod Saner Personal OVAL content from download.zip file

MS_WIN8.1_VULNERABILITY-oval.xml

Secpod Saner Personal MS_WIN8.1_VULNERABILITY-oval.xml

My conclusion: I liked it. Great product for personal use. Very fast and easy. It not only shows the problems that you have with your host, but literally makes your host more secure through automated remediation. And the fact that it is based on NIST/MITRE open security standards and the fact that this software works transparently for the end user makes it all much better.

3 thoughts on “Testing Secpod Saner Personal vulnerability scanner

  1. Pingback: Remediation capabilities of Vulnerability Management products | Alexander V. Leonov

  2. Pingback: SteelCloud ConfigOS | Alexander V. Leonov

  3. Pingback: ZeroNights16: Enterprise Vulnerability Management | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *