Secunia (News - Alert) is an international IT security company, based in Copenhagen, Denmark. The firm specializes in vulnerability management, and was founded in 2002 on a budget of $26,000. From the beginning, its focus was on the development of applications to address vulnerabilities in software and operating systems.
The Secunia Personal Software Inspector (PSI) is a free computer security solution designed to identify vulnerabilities in non-Microsoft (News - Alert), or what is considered third-party software. It scans software on a user’s system and identifies programs that are in need of security updates.
Once a problem is identified, it supplies the computer with the necessary software security updates.
Secunia PSI can also be used to run updates automatically.
Now, Secunia has entered the mobile security market. Today, the firm announced the availability of Secunia PSI for Android. Just like the original PSI scanned your computer, this version scans your Android (News - Alert) devices for vulnerable apps.
At Secunia, they feel that Android’s position today is the mobile equivalent to Window’s position 10 years ago. Secunia decided on the Android platform, as 50 percent of the global market share currently subscribes to this carrier.
Morten R. Stengaard, Secunia’s director of product management and quality assurance, said, “At Secunia we believe that we will see some repetition from the way threats to PCs have evolved over the past 10 years, in the way the threat landscape on mobile evolves – although at an accelerated pace, since all stakeholders can adapt learning from their PC journey to the mobile journey quite easily. First of all, it is easy to find vulnerabilities in apps for mobile. Mobile app development is often untested, rogue territory, and there is a large quantity of flawed code in the programs. The flawed code is the vulnerability criminals exploit.”
“This presence of flawed code can make it easier for a criminal to gain access to a widely used social media app like Facebook (News - Alert) via vulnerability, than it is to trick individual users into installing malware that provides access to a specific social media account,” he added. “Since social media accounts already have access to much of their users’ data, these accounts are valuable targets.”
Secunia PSI for Android is designed to scan all apps on the Android phone, including those that are downloaded from the Google (News - Alert) Play Store, and from other external sources. It alerts the user to apps with known vulnerabilities.
Once any vulnerability is found, it can then let the user know if there are available updates to resolve the issue.
Stengaard continued, “It is possible to enable the ‘automatic update’ functionality in Google Play – but the updates are not necessarily deployed immediately. The Secunia PSI for Android will serve as a validation mechanism and as assurance that security updates are performed quickly. And unlike the Android auto-update mechanism, it covers apps that have not been installed via Google Play. This means that if an app from an external source contains vulnerabilities, the update mechanism will not help you.”
Similar to the Secunia PSI for PCs, the Secunia PSI for Android will be free for private users. If you want to see how the Secunia PSI for Android works, you can download it for free from the Google Play Store.
Earlier this week, Secunia launched the Secunia SmallBusiness application, a patch management solution for the SOHO/Small Business segment. Together with Secunia for Android, these solutions provide a complete approach to endpoint vulnerability management.
All of this aligns with the company's vision to provide the industry with the most comprehensive vulnerability management solutions.