Versio.io

Operating system & software version management

Automated & audit-proof documentation of operating system and software versions

Free trial In a nutshell NIS2 🇩🇪
 

Motivation

The detection of version information of the operating systems, software products and frameworks used is an essential building block for the stable, secure, efficient and audit-proof operation of IT and application systems.
For enterprise customers with hundreds or thousands of hosts, the recording and documentation of the versions of the products used can only be automated. With the detected and changing version information, the following use cases can be implemented automatically in an enterprise company:
  • Enterprise architecture - Verification of compliance with the specifications defined in the IT master plan.
  • IT security - Detection of deployed product versions with known IT vulnerabilities, unintentionally installed products for system hardening or used products that have reached the end of their service life and for which support and maintenance is no longer available.
  • IT operation - Identify changed versions of products in use in the IT landscape that could be the cause of an existing or impending problem.
  • Change management - Check whether a change ticket exists for the version change and whether it is a planned change. Otherwise, it is an unplanned change.
  • Cost allocation - Detect the execution of an update service and bill the owner for it.
 

Technical solution

Technical solution
X

Technical solution

A practical implementation example is demonstrated using the Versio.io solution. Versio.io is a change detection and post-processing platform.

For the technical implementation, a Versio.io OneImporter must be installed on each host. This agent performs version queries fully automatically and at configurable intervals.

The OneImporter sends the data with the software products and versions to the Versio.io platform. The platform determines whether changes have occurred, saves the change and executes post-processing triggered by the change.

X

It is possible to include all software products installed manually or with the package manager in the version query. For this purpose, Versio.io provides an extensive knowledge database for the version query of known software products. This can be expanded to include customer-specific and unknown products.

 

A practical example

A practical example
X

A practical example

The following example shows an operating system of a host with the detected versions of the software products installed on the host. These can be manual or package manager-based installations.

The lower box with the timestamp "17 minutes ago" shows the status of the software versions initially detected with the Versio.io OneImporter. Subsequently, an operating system update was carried out by the author. In the cyclically executed version detection by the OneImporter, all changed versions were automatically recorded and documented after the update. This can be seen in the box below with the time stamp "8 minutes ago".

Based on these detected changes of the software versions, a fully automated post-processing in Versio.io can now take place (see quotation marks in motivation section).

Summary

What can we learn from the detection of software versions and their changes described in the article:
  • The continuous determination of the version of software products in use is relevant for the stability and security of enterprise companies.
  • For reasons of efficiency and error-proneness of manual collection, version determination should be automated.
  • The ability to assess and post-process changing software versions enables the feasibility of many IT use cases. Automation is also indispensable here due to the mass of data to be processed and the error-proneness of manual execution.
  • The auditor of the next certification will be very pleased with the detailed recording of version information and its changes for the software products used.
Comments and feedback are welcome!
 
 

Author | April 2022


Contact person
Matthias Scholze
Chief Technology Officer
P:  +49-30-221986-51
LinkedIn


Keywords

Version

 

Operation system

 

Software

 

Product

 

Framework

 

Detecion

 

Documentation

 

Audit proof

 

Revision safe

 

Automation

 

IT security

 

Enterprise architect

 

IT operation

 

Change management

 

Cost allocation

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.