A short history of Shavlik
Shavlik Technologies is founded
Mark Shavlik, one of the original developers of Windows NT at Microsoft, starts Shavlik Technologies to tackle a problem nobody had solved well: knowing what was actually patched.
HfNetChk becomes the basis for MBSA
Shavlik's HfNetChk (HotFix Network Check) was strong enough that Microsoft licensed it to power the Microsoft Baseline Security Analyzer (MBSA). Shavlik patch and asset management became a staple of Windows administration.
VMware acquires Shavlik Technologies
VMware buys Shavlik. Mark stays on as Vice President and General Manager, bringing the patch heritage into a much larger platform.
The Shavlik business moves to LANDESK
LANDESK acquires the Shavlik business unit and product rights from VMware, keeping the technology growing.
LANDESK becomes Ivanti
LANDESK merges with HEAT Software to form Ivanti. The Shavlik patch technology becomes a core part of the Ivanti security portfolio, where it is still going strong today.
Mark Shavlik founds Senserva
Mark is now CEO of Senserva, applying three decades of Microsoft security experience to a new problem: Microsoft 365, Intune, Entra ID (logs included), CVEs, and Purview posture, with AI. The product is Siemserva.
The big names that ran and embedded Shavlik
Shavlik was not a niche tool. Microsoft licensed Shavlik's HfNetChk engine to power the Microsoft Baseline Security Analyzer (MBSA). VMware acquired the company outright. And through the Shavlik OEM program, leading security and technology vendors integrated or rebranded Shavlik's patch technology inside their own products.
Publicly documented Shavlik OEM alliance partners and acquirers. Trademarks belong to their respective owners.
So is Shavlik still around?
Yes. The Shavlik patch technology lives on inside Ivanti, used by enterprises, OEMs, and managed service providers around the world. If you rely on Ivanti or Shavlik patching today, you are in good hands, and nothing here asks you to change that.
What is new is the problem Mark went after next. Patching the endpoint was the 2000s problem. The 2020s problem is the cloud control plane: misconfigured identities, oversharing, and drift across Microsoft 365. That is what Senserva and Siemserva are built for.
How Senserva works with Ivanti and Shavlik customers
Senserva complements the Ivanti and Shavlik world rather than competing with it, both the OEMs who embed the technology and the direct customers who run it. Siemserva does not deploy patches. It is the independent double-check: it verifies patch coverage across Microsoft's own APIs (Azure Update Manager, including Azure Arc machines, Intune via Graph, and Defender TVM), enriches it with MSRC, CISA KEV, and EPSS, and pulls it together with whatever patching tools you already run into one unified, compliance-ready report.
On top of that, Siemserva adds 650+ Microsoft 365, Intune, Entra ID (logs included), CVEs, and Purview configuration checks, the posture layer that sits above patching. See how Siemserva and Ivanti fit together.
Try the Advanced Microsoft 365 Security Simulator
See exactly what Siemserva finds on a rich, realistic simulated tenant, no access to your environment needed. Launch it right after install, or ask for a free key. Teams report cutting Microsoft 365 and Azure hardening time by up to 80 percent.
Launch the Simulator, free