Tech Preview


  • administrators

    The Tech Preview is out...

    Well, just remember, it is a "preview", so not even alpha stage yet.

    You can install the SecTeer Personal CARMA. It will register an account. It will start communicating with the back-end. It will do a scan (once it is time).

    The part about when the CARMA does the scan, that may seem a bit annoying, but we need to test the scheduling. We will implement something more responsive later (and we should be able to do this without you having to reinstall).

    The result you will get, will be limited, CARMA detects around 20 different pieces of software now and only reports that the software is installed.

    Next step will be to add more specific rules, that will report versions.

    Then we will start adding update / security / EoL information.

    We are working on a better and nicer looking UI and we will also work on the information we display in the "Applications" list.

    We did also not publish the Privacy / Data Processing Policy, that is due in a day or two. It will be GDPR compliant, except you can't delete your data yet, but that is implemented in the backend and is mostly a UI thing, so it is coming soon.

    You can get the Tech Preview of the SecTeer Personal CARMA here:
    https://carma.secteer.com/dl/secteerSetup.exe https://vulndetect.com/dl/secteerSetup.exe

    And you can login here:
    https://carma.secteer.com/personal-carma/ https://vulndetect.com/?1

    All it requires is a valid email and a recent version of Windows.

    And, you may want to know who you are dealing with; this site is sponsored and operated by SecTeer. SecTeer is incorporated in Denmark, founded by Dofri, Michael and Thomas. We all three held key positions at Secunia, Michael and I (Thomas / Tom) were also founders of Secunia. We left before it was acquired by Flexera. You can read more about the team behind CARMA at https://secteer.com/about/

    I will post more later today and tomorrow and...

    Happy testing


  • VulnDetect Team Member


  • Community Moderator

    @Tom You are on a good way to create a fantastic product.
    The advantage in comparison with your competitors is that your updates are verified and if VulnDetect reports an update then we can trust on this information.


  • VulnDetect Team Member

    Three months have passed and we have received a lot of awesome feedback on this forum and directly via email.

    This has kept our developers very busy during the hot summer, and their pipeline is still overflowing.

    We had intended to make more frequent releases with smaller changes. However, based on our learnings, we decided to make some fundamentally incompatible changes to the rules, the matching engine and the UI.

    We also decided that we needed a new name. Despite our intentions of sharing good CARMA 🙂

    In short:
    Next week we start the deployment of the "new product".

    First we will be making changes to the rules and the matching engine. So you should expect to see unexpected results 😉

    Once these changes manifest, we will be releasing an early alpha version of the new product. Don't be too disappointed, there will not be many visual changes, in the beginning, except the name change - sorry

    Shortly after releasing the early alpha version of the new product we will discontinue the SecTeer Personal CARMA. This means that you will need to uninstall Personal CARMA and install the new product.

    Coincidentally the new product will be named: VulnDetect

    Again thank you very much to everyone who in anyway has contributed to Personal CARMA, now VulnDetect.

    I would like to make it clear, that we are (still) firmly committed to providing a free version of VulnDetect for personal use.


  • Community Moderator

    Cool, I am keen on the "Group" feature.


  • VulnDetect Team Member

    @olli_s What you may start to see is more entries for programs that come with both 32 and 64bit files. Currently, these will be duplicates in the UI, but later they will be "grouped", so only when you decide to expand e.g. CCleaner, will you learn that we detect both ccleaner.exe and ccleaner64.exe
    So it is "just" another step in improving the detection.


  • Community Moderator

    Sounds cool


  • VulnDetect Team Member

    @olli_s True. There is no visible changes. This was solely some internal things regarding the processing of inspection data and results, but from a technical point of view, they were significant. However, it allows us to build better rules. So going forward this is a significant improvement. We also improved the performance of the processing.


  • Community Moderator

    @tom said in Tech Preview:

    Today we are rolling out some breaking changes to the database and back end

    And what changes should be visible?
    I see no changes in the list of applications


  • VulnDetect Team Member

    @olli_s No new client is needed. Everything got rolled out without issues and without noteworthy downtime.


  • Community Moderator

    Does this also need a new local client?


  • VulnDetect Team Member

    Today we are rolling out some breaking changes to the database and back end. This will cause some downtime. We do not expect any loss of data, however, some inspections may be postponed until tomorrow, because the back end is unavailable for a while.


  • VulnDetect Team Member

    A lot of work has been done in the last month.

    Most of this work has been on things that are not immediately visible. Most has been on creating new rules, improving the rule matching engine (to ensure that we can deal with 32/64bit app bundles, app components like Java, compress utilities, etc. and bundled apps like Office) and on our internal tool to create and edit the rules.

    This work should complete by next week, so we can start building "second" generation rules for improved detection of these "complicated" apps.

    We have opened a new category in the forum Detection issues and Suggestions please suggest any missing apps and feel free to report any errors you spot. There is a post with some guidelines about what information would aide us creating correct rules.

    We have also added detection of a few games and will potentially also add detection of drivers. This is purely a test and not something we are certain will continue, but everything depends on your feedback.

    Initially there was some issues with the first versions of the agent, a few of you have not yet upgraded, I strongly recommend upgrading, to get continuous inspection results. The latest version seems to be stable for all who upgraded.



  • @olli_s Yes, I managed to get it working using chrome first, however this is likely to be an issue with other firefox users.


  • Community Moderator

    @thebox So is your problem solved now?



  • The problem does seem to be with firefox only (even with add-ons disabled).
    Basically when you login on most sites for the first time, firefox asks if you wish to save login and password details to make it easier next time. Some https sites block this, but there are bookmarklets which up till now have allowed those sites to have their passwords saved also.
    The website (as you mentioned) is https://carma.secteer.com/personal-carma/ https://vulndetect.com/?1
    When I logged in the first time in chrome, it offered to save the login details as normal. I was then able to import passwords from chrome to firefox.
    (Apologies for the stressy first post, I was already having a bad morning before this!)


  • Community Moderator

    @thebox said in Tech Preview:

    OK NVM, I got it working on another browser, must be a firefox thing. First site of many that I have had this issue with though , so something must be different.

    Does the problem still occur?
    What website exactly is affected (is it https://carma.secteer.com/personal-carma/ https://vulndetect.com/?1) ?
    Does this only occur in Firefox?
    Does it also occur when you start Firefox with deactivated Add-Ons (found in the menu top right -> Help)?



  • OK NVM, I got it working on another browser, must be a firefox thing. First site of many that I have had this issue with though , so something must be different.



  • Login page at the Secteer website is broken and will not allow browsers to remember passwords (why do people do that?)
    Uninstalling, will try again if this gets fixed.



  • @tom KeepassXC is the one I recommend for those who are not lucky enough to have a PC :-))!


  • VulnDetect Team Member

    @gregalexandre This may be due to the account creation process not being streamlined in the first few days. Btw. KeePass is awesome, but KeePassXC even more so.