Is VulnDetect dead?
-
@Tom : May I suggest that you also put the date for latest release of the agent in title of the relevant pinned post in "Announcement".
As prefix ?
Regards. -
@Tom You should solve the detection issues and add requested apps....
-
@Armin I agree with you, I really should.
I have come into a very bad habit of relying on OLLI to send me messages on Telegram and responding to him. I really should move the communication here and start replying to all.
-
@Armin Yes, I am a "normal" user that helps making the project a really cool and awesome tool.
I know that @Tom and the others of VulnDetect are working on new features (mainly for the business UI but we private users also benefit from then).
There are many rules that must be kept up-to-date, many security news must be read, vulnerability-informations must be collected and updates for applications must be packaged (some apps can be updated by VulnDetect with one mouse click).You also should know that I am in personal contact with @Tom nearly every day (Telegram chat) so he is really alive and working hard on the project.
He just needs to make the process a bit more transparent.
And he should look in the forums more often and answer postings.
I am going to tell him and kick his lazy butt (he sometimes needs that
). -
I receive the weekly Digest for the forums by email.
If I look at the last 2 weeks, then no user of the group "VulnDetect Employees" posted a reply (neither @Tom nor @VulnDetect).
These are the only users in the group "VulnDetect Team Member" where I see the description "VulnDetect Employees".I saw many posts from @OLLI_S but this user is in the group "Community Moderator" (description "Trusted members who has been assigned special privileges").
So I assume that @OLLI_S is a user like me that just has special privileges.So I really wonder what is wrong here.
When an official "VulnDetect Team Member" is not replying for 2 weeks (also not in this post here).
This is sad, very sad,Maybe @Tom should be more active here in the forums.
-
@Tom Should I update the feature requests, that are available in the Business UI with "Work in Progress"?
-
Thank you @Tom for your answer.
Ā
I see that you are working on your detection rules and add some requested apps.
And that you enhanced the UI for business users.
But for me - a personal user - it is very frustrating and unsatisfying to see no progress.
Ā
So many features could be added easily (and maybe are already present in the business UI).
Ā
For example, the Status for āUpdate Availableā.
When I expand an entry then I see at some entries the āRecommended versionā so you already have the information that there is a new version available.
Currently I have to expand all my entries (there are unfortunately no counters so I can not tell you how many entries I have) to see the āRecommended versionā (to see if there is a new version of the application available.
So VulnDetect is absolutely useless under the aspect that it tells me when there are new versions of my installed applications available.
I really hope that this feature is implemented soon.
Ā
The suggestion āList of Applications - Improved UIā is also a feature I would love to see (wrote this in Sept. 2018).
There I see the āUpdate Availableā status and a clear separation between vulnerable apps and apps without vulnerabilities. This points out the importance of updating vulnerable apps.
Ā
It should also be easy to add Column-Headers and make the columns sortable.
Ā
There are so many suggestions here in the forums but many of them are still missing and not even started.
@OLLI_S Maybe you update the status of the suggestions so we see what features are available in the business UI and will be released soon in the personal UI as well.
You have to be more transparent and listen to the community.
Ā
I really hope we see some updates in the personal UI soon.
Ā
Best regards
Ā
Armin -
@GregAlexandre It is because we update the original post, if you click the two top ones, then you will see all the changelog entries.
-
@Tom
Hi,
I had the same question as Armin.
I am glad to read that Vulndetect is still alive.
I did not see something younger than one year in https://vulndetect.org/category/1/announcements
Regards. -
Hi Armin,
Thank you for your concern.
We have made a lot of progress, except in the UI in the Personal. Most improvements have been in the backend and in the UI of the Corporate.
And every day we update software detection rules, update packages, update the security state of detected apps, and we add new detections and new packages.
So VulnDetect is by no means dead, but yes, I have to admit that we haven't been active here and that we haven't communicated about the backend progress there has been, which has positively affected the Personal edition of VulnDetect.
Some of these improvements for the Corporate edition are in the pipeline for the Personal edition.
In short, VulnDetect is alive and being maintained, and it is our only project. However, we are "behind" with the Personal edition.
Any and all relevant backend changes, as well as all updated and new software detection rules are available at the same time, for both the Personal and the Corporate edition.
You can also see the (now) updated changelogs:
https://vulndetect.org/category/1/announcements
