Query for 3rd party software

I am having a hard time getting InsightVM to return all 3rd party software applications.

I want to group my vulnerability management topology into 3 buckets for tracking and reporting.

  1. Windows OS related vulns (OS, edge, .net framework, etc), 2. Microsoft Office, 3 3rd party software. Basically anything that isn’t in the first two buckets so we can tackle vulnerable applications.

I have tried a range of filters including vulnerability category, software category and software vendor, but it always returns items where Microsoft is the vendor.

As a test, I specified a filter to return only software where Microsoft was the vendor, but it still returns other vendors including where the vendor is blank.

Has anyone else had experience with this and been successful?