Secunia Network Software Inspector is a downloadable utility that enables an administrator to scan a machine or machines locally or remotely and receive a report of the recognized applications (based on application metadata) running on that machine. This report is further correlated against the vendor's own Secunia Advisory Intelligence DB, in an attempt to alert the administrator as to the presence of known vulnerabilities in the recognized applications (because a patch exists for the specific version of the application, for example). The product is not a real-time behavioral analysis tool; i.e., it does not scan all applications found to test what they actually do. Thus, it relies both on the existence and accuracy of application metadata for correct identification as well as the existence of an already published patch or documentation as to a known vulnerability in each specifically identified application.

The tool is a downloadable offering that is licensed by the number of hosts that will be scanned (each licensed host can be scanned an unlimited number of times). A host license includes software updates, detection rules, support, and usage for 1 year. The vendor bills NSI as the successor to their free "Online Software Inspector" (OSI) tool, which can be launched through the browser to scan the customer's host machine; and the downloadable free Personal Edition (PSI) of the software for Windows (2000/XP/2003/Vista) PCs. A key difference between the products is scope: NSI/PSI detects and inspects "thousands" of applications, as compared to the "... few dozen of the most common applications ..." detectable by OSI. And NSI is offered for commercial uses (providing the ability to scan network machines, while PSI supports only private uses on a single machine.

The vendor states that the application can scan all executables on the host machine (Windows), producing a map of the applications and components down to their version number. Two engines are offered with the tool: A GUI-based scanning engine, and an Agent/CLI/Service edition (can be run from the command line or as a service). The GUI tool supports agentless scanning and can inspect local or remote hosts from a central location (with separate rules for local/remote hosts), while the Agent tool can scan local hosts on a schedule.

For administrators, key features include a remotely accessible centralized management dashboard; host and software overviews; scheduling; text messages on changes; daily/weekly E-mail change summaries; historic data storage and differential scan reporting; and one-click remote system inspection launches.

Secunia OSI, PSI, and NSI are available now; PSI, in particular, is now out of Beta status (the 1.0 release is available).

Contact the vendor for further information.