UpGuard's core functionality solves a really basic problem– how is everything configured and is it all the same across like nodes– by scanning configuration state and visualizing anomalies. We're pretty happy with how we've solved that problem so we've started expanding to other fundamental problems that deserve elegant solutions. One of those is vulnerability management. Sure, there are ways to detect vulnerabilities today, but they suck to use and are over-priced. Since we have the core architecture in place to scan and evaluate machine state, testing for vulnerabilities is a natural addition.
For our initial release of vulnerability management, we used the Open Vulnerability Assessment language because there are multiple feeds that provide the best balance of breadth, depth, and maintenance. In the future we will add additional vulnerability assessment feeds in other languages, as well as expanding our content library for other types of evaluations.
There are two parts to the vulnerability assessment problem: doing the evaluation and presenting it in a way that is useful for people. Doing the evaluation is an engineering problem. We love engineering problems. (Look for an upcoming post from a dev on this project about how much he loves XML.) A small team took ownership of the product, figured out a solution they believed in, and finished it.
Presenting the information is a user experience problem, and this is where most enterprise software falls down. Fortunately, we had a ready-made solution in our node scan visualization. Instead of presenting the information as a gnarly data dump, we interleaved the vulnerabilities into the scan to put them in context, de-duplicate multiple vulns arising from the same item (e.g., Internet Explorer's many issues), and associate items that are implicated by a single vulnerability (e.g., when a file version and a registry key are both implicated).
Using our vulnerability scanner is very simple. From the node page, click the dropdown arrow below "scan" and select "Vulnerability scan." Next you select two parameters for what set of vulnerabilities you want to scan, and then you're done. When the assessment is done (it could take between a few seconds and a few minutes depending on the scope and operating system) you will see vulnerable items on your node visualization. At the bottom is a dedicated vulnerability section if you want to peruse the list of all vulnerabilities, and when you click a vulnerable item you can see a description of the issue and the test results.
Vulnerability scanning is a new feature that is not as fully developed as UpGuard's existing primary use cases like configuration visibility, differencing, and automated testing. But if you have no vulnerability detection, or want to see if you're really getting your money's worth from that expensive legacy solution, ours is included in UpGuard's standard feature set which you can try for free on up to ten nodes. And if you're already using UpGuard, now you're getting even more information for the same price.