Dear JDisc friends, find the German translation from our long term partner i-doit: https://www.i-doit.com/blog/log4j-linux-skript-von-jdisc/ I think everyone is busy figuring out if any applications are affected by the log4j security issue. While this may be easy for commercial applications, the vulnerability can be difficult to find for custom applications that are hosted in your data…
Dear JDisc users, I am pretty sure that you are aware of the log4j security issue CVE-2021-44228. JDisc Discovery is mainly written in Java and we have investigated whether we are affected. One external library (yavijava – a library to access VMware ESX and VSphere servers) uses log4j in version 1.2.17. We have investigated the…
In order to scan devices properly, JDisc Discovery users need to configure access credentials. For security reasons, we do not display the passwords in clear text (neither in the UI nor in the logs). But how do you verify that you made no mistake when you entered the password? Misconfigured passwords lead to an access…
Dear JDisc friends, upon a customer request, we have implemented a new feature to collect the list of pending updates on Windows and Linux computers. Three weeks ago, we added this feature for Linux and with build 5086 we finalized the data collection for Windows computers. We hope that this data helps to keep your…
Dear JDisc friends, we understand that storing your crown jewels (administrative accounts and passwords) in products like JDisc Discovery is not something that IT security departments really like. There is always the conflict between being as secure as possible and getting current inventory information (which often requires administrative accounts). Therefore, we implemented on request from…
Dear JDisc users, just recently, we have added support for the CyberArk solution for managing accounts and passwords within your enterprise. Due to customer requests, we have integrated the Thycotic second password management tool. Your passwords are no longer stored within JDisc Discovery’s database but stay in the Thycotic SecretServer. JDisc Discovery only requests the…
Dear JDisc Users, we have extended our Security Add-On to collect information about local users and their password information. The issue with local users is that they are difficult to control. For users which are part of a Windows domain, it is pretty simple to configure policies to change the password on a regular basis.…
Dear JDisc friends, We are proud to announce that we have been certified by CyberArk! CyberArk is the global leader in Identity Security. Organizations use CyberArk to manage and secure the human and machine identities in their environment, many of which will have some form of privileged access. Part of securing these identities involves automatically…
Dear JDisc friends, since its beginnings, JDisc Discovery collects network interface configuration information such as IP addresses and subnet masks. When everything is properly configured, and the subnet masks are correctly set on the interfaces, then everything is fine. But what happens when that is not the case? So let’s assume your company has two…
Dear JDisc friends, based on several customer enhancement requests, we have extended our Security Add-On to scan the list of installed Antivirus software together with its enabled state and its updated state. The updated state defines whether the Antivirus definition files are up-to-date. This new feature offers a good overview over the Antivirus software used…