CVA improvement suggestions & Wish-List

[LeoniAquila]

Hi Guys,

I made this a sticky. This is now also the wish list for CVA.

Josh

That's a great idea Josh. The thought came across my mind but then I forgot it.

LA

[Liron]

How about function only to detect windows updates and not to wait until all the files on the computer to be scanned and only then CVA try to detects windows updates.

I don't exactly know if someone suggested this function before so sorry if I repeat it.

[spasserfan]

Any comments on the below umesh?

Implementing as windows task was just what I wanted, that way the check could be done when the system is idle. If CVA doesn't find any vulnerabilities then the program just shuts down silently, but if any vulnerabilities has been found it prompts the user.

As for updating programs automatically, it would be nice if one could specify a command line which CVA should run if vulnerabilities is found in a particular program (many programs has an external updater or some could be updated by using a command line switch). Of course the command line should be an option (deselected by standard) to make CVA user friendly but also making a good program for professionals.

The way you could implement this could be like this: The first time a vulnerability has been found in a program CVA would prompt the user (if the command line option is selected ) if he wanted to:

• Set a command line for this program
• Not to run a command line with this program

And of course an "remember" option (like in CFP) to let CVA run the specified command line every time a vulnerability has been found for that particular program or never run a command line for that particular program but instead prompt the user to manually update.

[Umesh]

Hi spasserfan,
In 26th Aug, 2008 release we are not going to cover your request to specify application specific updater.
We would consider it later. The forthcoming release will only allow you to schedule CVA scan.

Thanks
-umesh

[spasserfan]

Hi spasserfan,
In 26th Aug, 2008 release we are not going to cover your request to specify application specific updater.
We would consider it later. The forthcoming release will only allow you to schedule CVA scan.

Thanks
-umesh

It is a wish list, so as long as it will be considered in a future version I am happy . Development takes time and I am sure that in the end this product will will be the best! Keep up the good work!

Lokking forward to the 26th august release (if release date is not delayed )

[tetsuo55]

it might sound strange, but why not add this ability to CAV and or CFP.

These programs are scanning your files anyway, they might as well give an on acces or on scan popup or whatever.

like:

The application you just started has a fixed/updated version

Or a full system scan could have an extra report with out of date programs

As CAV and CFP are running in memory anyway and aleady have a whitelist, they could even show a popup when a new version is availble without the need for scanning at all!

It gets even worse(but this should be fixed soon enough)
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=knowledge_center&articleId=9112099&taxonomyId=1&intsrc=kc_top

[Ronny]

Email scan report to administrator (for x Servers to schedule a scan and receive the report via email) ?

Make the Generate Unrecognized Products Report "Selectable" which you would like to report and which not (For Privacy, or Inhouse build software that will not be publicly available etc).

[mrahk]

I would like to suggest an improvement in the settings.
I think it is relatively easy (too easy) to close CVA. It closes silently when the cross (the close button) is clicked upon. Since I like to use it as replacement for Secunia PSI I prefer that clicking the close button minimizes the program to the system tray.
Furthermore since it is a security program I assume it is right and polite that the program asks a confirmation before closing down completely

[panic]

Have the vulnerability reports sent to CESM, if installed.

[Umesh]

Hi Ewen,
CVA Integration with CESM is in the pipeline and through CESM you would be able to see vulnerability report.

Please do take a note of "Edit-->Scheduler" option, with the addition of this we have made sure that user doesn't have to bother about running CVA manually but he can schedule it at certain interval and with the help of option "Run in background" and "Prompt if vulnerable application is found before exiting" he can only be bothered by CVA if any vulnerable application is found else it will simply create the report, if selected, and exit.

Thanks
-umesh

[Graham1]

I think it would be quite usefull to have some kind of vulnerabity status on the front page or new tab showing % of critical, moderate, etc vulnerabilities of your computer.



Edit: Personally, I would like to see unrecognized software in it's own tab rather than a seperate window.

[Graham1]

I would like to suggest an improvement in the settings.
I think it is relatively easy (too easy) to close CVA. It closes silently when the cross (the close button) is clicked upon. Since I like to use it as replacement for Secunia PSI I prefer that clicking the close button minimizes the program to the system tray.
Furthermore since it is a security program I assume it is right and polite that the program asks a confirmation before closing down completely

I agree also . I prefered when the older version of CVA minimized to the system tray when clicking on the "X". Too easy to close or at least a prompt as mentioned.

[Toxteth O'Grady]

I agree also . I prefered when the older version of CVA minimized to the system tray when clicking on the "X". Too easy to close or at least a prompt as mentioned.

I requested the removal of that minimize option and I'm glad to see it works normally now. Just about every program closes when clicking the "X".

[Graham1]

Just about every program closes when clicking the "X".

Yes, that is true. I guess I've just got into the habit of expecting it to minimize though. Still, I think a prompt would help as this is found in some software.

[Ronny]

And most of the one's that don't have it configurable in the GUI "Minimize on exit".
But then again, i don't see this one sitting in my systray all day, this for me is a typical "once a week" app.