Are product details available to satisfy corporate IT governance? RRS feed

  • Question

  • Are any details available for the Sysinternals utilities describing details such as whether or not the code has been scanned for vulnerabilities and which of the utilities, if any, send captured data back to Microsoft or any other party?  It would be good if this information was provided for each of the utilities individually and a date/version of the last code scan and review.  This would be helpful for people using them in environments with rigorous governance practices.

    Is any information of this kind available?  

    Tuesday, September 8, 2020 4:03 PM

All replies

  • In our organization the onus is on the system administrator to provide for antivirus scanning.  Reputations of files are an evolving thing.  About the only thing I have come to expect from vendors is posting of checksums for posted files so that you can verify downloaded content was not manipulated in transit. 
    Wednesday, September 9, 2020 1:32 AM