CVA improvement suggestions & Wish-List

[Guest]

[3xist]

Hi Guys,

I made this a sticky. This is now also the wish list for CVA.

Josh

[LeoniAquila]

Hi Guys,

I made this a sticky. This is now also the wish list for CVA.

Josh

That's a great idea Josh. The thought came across my mind but then I forgot it.

LA

[Liron Jan]

How about function only to detect windows updates and not to wait until all the files on the computer to be scanned and only then CVA try to detects windows updates.

I don't exactly know if someone suggested this function before so sorry if I repeat it.

[spasserfan]

Any comments on the below umesh?

Implementing as windows task was just what I wanted, that way the check could be done when the system is idle. If CVA doesn't find any vulnerabilities then the program just shuts down silently, but if any vulnerabilities has been found it prompts the user.

As for updating programs automatically, it would be nice if one could specify a command line which CVA should run if vulnerabilities is found in a particular program (many programs has an external updater or some could be updated by using a command line switch). Of course the command line should be an option (deselected by standard) to make CVA user friendly but also making a good program for professionals.

The way you could implement this could be like this: The first time a vulnerability has been found in a program CVA would prompt the user (if the command line option is selected ) if he wanted to:

• Set a command line for this program
• Not to run a command line with this program

And of course an "remember" option (like in CFP) to let CVA run the specified command line every time a vulnerability has been found for that particular program or never run a command line for that particular program but instead prompt the user to manually update.

[umesh]

Hi spasserfan,
In 26th Aug, 2008 release we are not going to cover your request to specify application specific updater.
We would consider it later. The forthcoming release will only allow you to schedule CVA scan.

Thanks
-umesh

[spasserfan]

Hi spasserfan,
In 26th Aug, 2008 release we are not going to cover your request to specify application specific updater.
We would consider it later. The forthcoming release will only allow you to schedule CVA scan.

Thanks
-umesh

It is a wish list, so as long as it will be considered in a future version I am happy . Development takes time and I am sure that in the end this product will will be the best! Keep up the good work!

Lokking forward to the 26th august release (if release date is not delayed )

[tetsuo55]

it might sound strange, but why not add this ability to CAV and or CFP.

These programs are scanning your files anyway, they might as well give an on acces or on scan popup or whatever.

like:

The application you just started has a fixed/updated version

Or a full system scan could have an extra report with out of date programs

As CAV and CFP are running in memory anyway and aleady have a whitelist, they could even show a popup when a new version is availble without the need for scanning at all!

It gets even worse(but this should be fixed soon enough)
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=knowledge_center&articleId=9112099&taxonomyId=1&intsrc=kc_top

[Tags:]