Software Catalog Q&A
Software Catalog Q&A
1)Which type of System will be applicable?
A)It will be catalog only for Server workloads and systems which have processes running longer than 6 hrs.
2)What is the frequency of cataloging?
A)12 Hrs
3)Can we Change the frequency of Cataloging?
A)We can’t change from UI.
4)What is the Minimum version of Uptycs Sensor required?
A)>=5.8.3.24
5)What IP do we have with this implementation ?
1.our own curated set of intel that identifies software and category
2.regexes developed by uptycs to identify softwares from command line and path
3.using Generative AI (prompt is of essence here) to generate category and software
given the command line , path , port etc.
6)Everyday we see a variation in the exes that are running on hosts?
A)As we report only the latest exes that were running on your machine in the last day so you might see a variation in the reported software.
7)Will the majority of software identified by Uptycs Intel?
A)We have captured most of the open source software but not all, currently Gen AI helps us to identify the software. However, over a period of time we collect data generated by AI and process it to make Uptycs Intel.
8)Can you handle proprietary software like Oracle? Does the customer have to enter a rule to identify that?
A)We can identify the proprietary software, we are already identifying some of those, if customer have some specific s/w he can always create a rule for the same
9)What is the order of precedence in case of overlapping between System and User rules?
A)System rules>User defined Rules
10)What are various formats available to download the report?
A)CSV,JSON.JSON(lookup table format)
11)Can we catalog laptops,Desktops and DEV workloads?
A)Yes, we will support from 161 to catalog installed packages.
12)Will the Tag disassociate on its own if the process is no longer running?
A)Tag will get disassociated Automatically.
13)Can we detect the assets running CI/CD,Jenkins,Docker …..e.t.c?
A)YES.
14)What Packages do we look for installed Software?
A) 15)Can we identify vulnerable packages in case of installed packages?
A)Yes we have filter Vulnerable to display only vulnerable packages.
16)Can we set Notification alerts for our destinations?
A) Yes, we can configure Notifications in case if a particular Software is using the given license to our email,splunk,JIRA…….e.t.c
Related Articles
What is the SUNBURST Backdoor Intrusion and How Can I detect it?
Overview What is the SUNBURST backdoor intrusion and how can I detect it? FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware called SUNBURST. This intrusion campaign is ...eBPF
To enable seamless auditing capabilities for Linux endpoints and containers, Uptycs has implemented Extended Berkeley Packet Filter (eBPF) based auditing techniques. eBPF is a powerful auditing system to monitor suspicious activities by tracing ...Draft-Kal-Difference between Disabling / Deleting an Asset
Disabling an asset is used to temporarily disable collection of an asset's data on the portal. Deletion of an asset is intended for deletion of an asset permanently. Procedure for deletion of an asset calls for deletion of osquery agent on the ...How to generate and provide HAR file to Uptycs Support
HAR (HTTP Archive) is a file format used by several HTTP session tools to export the captured data. The format is basically a JSON object with a particular set of fields. Procedure on how to generate HAR file for different browsers can be obtained at ...Commands to check the agent version from the command line? Linux in this case
For Linux: osqueryi --version