Does InsightVM record software file paths? If so, how does one go about finding out where a specific software is installed? This particular software is not installed under add/remove software.
2 Likes
Hello @ChromeShavings ,
Is this in relation to a vulnerability finding after a scan? What evidence of vulnerability is displayed as proof?
Cheers,
Joel
@joel_ashman, that or where specific software is installed. Based on the software inventory of each machine, it would be nice to see the path to that software. If that is a thing.
It would be nice to have as a canned report or add on to reporting for individual assets. I know that the log4j and spring4shell detections also contain file paths so there has to be some capability for it. The question is if this is a new enhancement are you prepared for the bloat of capturing that much data per machine in your environment? Will it be worth it when it comes time to do backups? Yes it would be nice to have but the evidence for each detection should cover the file path without getting to nitty gritty. Just have to pull it on a one off basis for each which could get tedious. It would be nice to say get the evidence path and put that on a report without having to do an SQL query for it.