Forum Discussion

philippwree's avatar
philippwree
Copper Contributor
Jun 08, 2020

How is the software inventory created in MDATP?

Can anyone tell me exactly how the software inventory is created in MDATP? We have about 600 packaged applications, but only 200 are shown in the software inventory. When I look at the software inven...
Sergg's avatar
Sergg
Iron Contributor
Jul 14, 2020

Tomer Tellersorry for chasing you, but can you please explain if few more sentences the ent-to-end process of https://securitycenter.microsoft.com/software-inventory and https://securitycenter.microsoft.com/vulnerabilities get collected? Frequency, timeouts, does it uses Windows Update or registry, etc.

Is there a blog or webinar from the Microsoft explaining this subject so you do not repeat the information? We have customer questions while official Microsoft documentation does not have any details at all. Best regards Serg.

byertjames's avatar
byertjames
Copper Contributor
Jul 08, 2021
Is there any update to OP's question? Maybe in the official documentation or forum?
I have the same questions for our environment. I have applications I've updated, removed etc and am wondering how quickly and how these changes corelate with discovered vulnerabilities.

If software is updated or removed then I expect the discovered vulnerabilities to update within a time frame.

If software is added, updated, removed then I expect the software inventory and security recommendations list to reflect the changes within a time frame

  • byertjames's avatar
    byertjames
    Copper Contributor
    Jul 13, 2021

    byertjames 

     

    Please find below the answers to the questions asked :

     

    1. How often when does the software inventory list in MS 365 Defender get updated?

     

    TVM Software Inventory data freshness is currently 3-4h (upper limit, can also be less).

     

    Please refer the below screenshots for the information :

     

     

     

     

     

     

     

    1. Can we use a command line or powershell to trigger a software inventory scan?

     

    There is no command line or powershell or anything else to trigger an inventory scan/update.

     

    In addition to that if you have any further queries regarding the issue, please let me know.

     

    Appreciate your time and patience.

     

    Awaiting your reply.

     

    With Best Regards,

    Truptesh Fulpagare | Microsoft Security

    mailto:v-tfulpagare@microsoft.com | +1-425-704-3638 Ext: 2261221 | Mon-Fri: 07:30 PM – 05:00 AM IST

    Backup Engineer: Hrudyesh Bagde | mailto:v-hrbagd@microsoft.com  | Mon-Fri: 07:30 PM – 05:00 AM IST

    Manager: Anirudh Palit mailto:v-anuver@microsoft.comMon-Fri: 05:00 AM – 02:30 PM EST

    Team Callback Request email (monitored 24/7): mailto:secPro-EP@microsoft.com

    • gd2020's avatar
      gd2020
      Copper Contributor
      Oct 04, 2022

      byertjames Where is the link to this screen shot? 

      • byertjames's avatar
        byertjames
        Copper Contributor
        Oct 05, 2022

        gd2020 

        That screenshot was from the old version of the website now rolled into Microsoft 365 Defender

        https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/tvm-software-inventory?view=o365-worldwide

        I believe this direct link can take you there

        https://security.microsoft.com/vulnerability-management-inventories/applications

        You now have to select the relevant row and in the side pane click on report inaccuracy as needed.

         

         

         

Resources