Hello everyone,
I’m working on a solution to provide information about installed software on servers and clients that is either end of life (EoL) or end of support (EoS). I plan to combine data from Rapid (database tables: dim_asset_software, dim_asset) with information from endoflife.date in Power BI.
I’m also using data from Microsoft Defender, which is installed on all our clients and servers. This gives us a second source for vulnerabilities and EoL/EoS software. Microsoft provides this information via tags (see examples):
In Rapid7 we have a lot information, which could be used for similar things:
I’m working on a Power BI solution similar to Microsoft Defender, combining software data from Rapid7 with lifecycle information from endoflife.date. My goal is to provide Asset and Software Owners with a dashboard that highlights installed software violating our internal directives. Vulnerability scans identify some obsolete software, but not all. I’m already using the following information on my dashboard:
It would be very helpful if Rapid7 provided additional information in the dim_asset_software table—specifically an extra column with applied EoL/EoS data. This would enrich the existing dataset with, in my opinion, highly useful information beyond the “classic” CVE-based vulnerabilities.
What do you think or did you already have another solution in place to check on end of life software?