Software inspection apps help you identify the software installed on your computer and keep it up to date. They scan your computer for thousands of known programs, check for missing security patches and vulnerabilities in those programs, and report back to you with information on how to update them.
General information
Download the Software Inspector
- Corporate Software Inspector (CSI) for Mac | IUware
- (A Windows version is unavailable via IUware)
IU IT Pros who deploy software inspection agents to systems should provide notification to the users describing who will use the tool, how, and for what purpose, as well as anticipated use of the resulting information.
For more information about the software inspection products, see:
Frequently asked questions
Software and operating systems aren't coded perfectly, and attackers are always searching for vulnerabilities. Vendors continually work to patch these vulnerabilities — and when they do, the patches are released in the form of updates. You risk leaving your computer and personal information vulnerable by neglecting to patch your software in a timely manner.
After software is released, vulnerabilities are frequently found that allow attackers to exploit the program and gain access to your computer and files. Therefore vendors frequently distribute fixes to update the programs and remove the vulnerabilities. When you don't keep it up to date, attackers are able to target you and use the vulnerability to get to your data. Keeping your software applications up-to-date, or removing the software altogether, mitigates these risks.
The Indiana University version of CSI may have been installed on your computer in one of two ways:
- Via IUware (if you installed the Secunia CSI (Mac) package)
- By your department's local IT Pro
The CSI agent that is installed on your computer sends information about the software programs on your computer to the CSI server run by UIPO and UITS Leveraged Services.
The CSI agent collects a list of software applications installed, along with their version numbers, and locations on the computer. It does not collect the content of any files. See a detailed response in the "Privacy notice" section of http://kb.iu.edu/data/azfj.html.
All data sent from your CSI agent to the CSI server at IU is communicated via an encrypted connection.
The notice itself isn't discipline, but creating risks to institutional data or engaging in unlawful file sharing may lead to discipline and personal liability.
- See our guide on disabling peer-to-peer (P2P) software
Follow the Instructions in the IU Knowledge Base
UIPO licensed the Secunia Corporate Software Inspector (CSI) to provide IT professionals with an easy way to identify, inventory, and patch software vulnerabilities. Additionally software packages can be patched via Microsoft SCCM or WSUS. IT professionals who run their own WSUS or SCCM servers may be interested in running their own Secunia CSI console account in order to create and push out these patches.
IT professionals who want a console account can contact to request an account.
Don't want to run the console?
IT pros who want to take advantage of the CSI but don't want to run the console may distribute the generic Secunia CSI agent and view the results via the UIPO's Self-Service Unblock.
To distribute the agent, link the "IU-UISO-CSI" GPO to your OU. For instructions, visit: Link a Group Policy Object from Microsoft TechNet.