Forum Discussion

philippwree's avatar
philippwree
Copper Contributor
Jun 08, 2020

How is the software inventory created in MDATP?

Can anyone tell me exactly how the software inventory is created in MDATP? We have about 600 packaged applications, but only 200 are shown in the software inventory. When I look at the software inven...
Tomer Teller's avatar
Tomer Teller
Icon for Microsoft rankMicrosoft
Jun 21, 2020

philippwree - Thank you for the feedback. Your analysis is accurate.

We currently do not reflect Non-CPE products in the main software inventory page, this is planned to be fixed in the upcoming months. 

 

 

  • philippwree's avatar
    philippwree
    Copper Contributor
    Oct 05, 2021
    Now 14 months have passed. Is there any new status for reflect Non-CPE products in the main software inventory page?
    • Tomer Teller's avatar
      Tomer Teller
      Icon for Microsoft rankMicrosoft
      Oct 05, 2021

      philippwree - While this capability was indeed deferred in previous releases the good news that it will land in this Q4.

  • Sergg's avatar
    Sergg
    Iron Contributor
    Jul 14, 2020

    Tomer Tellersorry for chasing you, but can you please explain if few more sentences the ent-to-end process of https://securitycenter.microsoft.com/software-inventory and https://securitycenter.microsoft.com/vulnerabilities get collected? Frequency, timeouts, does it uses Windows Update or registry, etc.

    Is there a blog or webinar from the Microsoft explaining this subject so you do not repeat the information? We have customer questions while official Microsoft documentation does not have any details at all. Best regards Serg.

    • byertjames's avatar
      byertjames
      Copper Contributor
      Jul 08, 2021
      Is there any update to OP's question? Maybe in the official documentation or forum?
      I have the same questions for our environment. I have applications I've updated, removed etc and am wondering how quickly and how these changes corelate with discovered vulnerabilities.

      If software is updated or removed then I expect the discovered vulnerabilities to update within a time frame.

      If software is added, updated, removed then I expect the software inventory and security recommendations list to reflect the changes within a time frame

      • byertjames's avatar
        byertjames
        Copper Contributor
        Jul 13, 2021

        byertjames 

         

        Please find below the answers to the questions asked :

         

        1. How often when does the software inventory list in MS 365 Defender get updated?

         

        TVM Software Inventory data freshness is currently 3-4h (upper limit, can also be less).

         

        Please refer the below screenshots for the information :

         

         

         

         

         

         

         

        1. Can we use a command line or powershell to trigger a software inventory scan?

         

        There is no command line or powershell or anything else to trigger an inventory scan/update.

         

        In addition to that if you have any further queries regarding the issue, please let me know.

         

        Appreciate your time and patience.

         

        Awaiting your reply.

         

        With Best Regards,

        Truptesh Fulpagare | Microsoft Security

        mailto:v-tfulpagare@microsoft.com | +1-425-704-3638 Ext: 2261221 | Mon-Fri: 07:30 PM – 05:00 AM IST

        Backup Engineer: Hrudyesh Bagde | mailto:v-hrbagd@microsoft.com  | Mon-Fri: 07:30 PM – 05:00 AM IST

        Manager: Anirudh Palit mailto:v-anuver@microsoft.comMon-Fri: 05:00 AM – 02:30 PM EST

        Team Callback Request email (monitored 24/7): mailto:secPro-EP@microsoft.com

Resources