Introduction

Establishing an inventory of all software and applications running in the environment is a fundamental step in securing your organization. Whether the organization is a small start-up or a global conglomerate, identifying software usage is necessary to ensure software assets are authorized, appropriately licensed, supported, and have the most recent security fixes applied. A software inventory helps demonstrate compliance with regulatory controls and Service Level Agreements (SLA) for software used in the environment. From the perspective of “less is more,” a software inventory also identifies unnecessary software running in the environment, which increases the attack surface without providing a business advantage. In fact, running unnecessary software creates overhead and an inefficient run-time environment.

In the event of a security breach, a software inventory is essential to determine what was breached, and who needs to be notified. First responders require a software inventory to perform forensic analysis and determine breach notification requirements for vendors, business partners, and regulatory bodies. Organizations that have a clear understanding of software in their environment can quickly assess a breach impact and identify affected areas. If legal proceedings are involved, an organized software inventory greatly assists in limiting data handed over to Law Enforcement and assists technical staff in depositions or testimony.

Business Continuity and Disaster Recovery plans specify requirements for restoration of critical assets and services, but organizations need to know what these are to establish a Recovery Time Objective (the amount of time to recover a service to an acceptable level of operation) and Recovery Point Objective (the last point of known good data). Developing and maintaining a software inventory is a critical first step in implementing an effective cyber security program. This document provides guidance in using Tenable solutions to gather data and analyze systems to build a software inventory.

Tenable has provided Establishing Software Inventory (SEE) Dashboard and Report templates, which are available in the Tenable Security Center feed.

**Queries in this report were limited to 50 for readability purposes.