Let’s take a peek into creating custom (or user-defined) definitions, complete with custom detection rules, associated patch files, and special additional commands to ensure successful remediation of those highly used but unique applications. This tool is located in the Patch and Compliance section of the LANDesk Security and Compliance module.

Vulnerability definitions consist of a unique ID, title; publish date, language, and other identifying information, as well as the detection rules that tell the security scanner what to look for on the target devices. Detection rules define the specific platform, application, file, or registry conditions that the security scanner checks for in order to detect the vulnerability (or just about practically ANY system condition or status) on scanned devices.

Custom vulnerability definitions are a powerful, flexible tool that lets you implement an additional, proprietary level of patch security on your environment. Suppose you use a homegrown in-house application that needs to be updated. Using custom definitions, it assesses the system configurations, checks for specific file and registry settings, and deploys application updates.

Custom definitions don't necessarily have to perform remediation actions (deploying and installing patch files). If the custom definition is defined with a Detect Only detection rule or rules the security scanner looks at target devices and simply reports back the devices where the rule's prescribed condition (i.e., vulnerability) is found. For example, you can write a custom “Detect Only” rule for the security scanner to check managed devices for the following:

· Application existence

· File existence

· File version

· File location

· File date

· Registry setting

· And more...

To learn more about LANDesk Management Suite, join us for a webinar on May 19^th.