CrowdStrike Update Causes BSOD Issues Globally – Audit Available 🛡️ Learn more

TRY NOW
Pro Tips

Unauthorized Software and How to Find It

5 min. read
28/06/2024
By Esben Dochy
ProTips 55 Unauthorized Software

Pro Tips #55

Some time ago during an event I was attending, one of you came up to me asking about how you could verify that devices were adhering to the company software policy. Especially now that you can have both a combination of Lansweeper on-prem and a Lansweeper site that combines multiple on-prem instances.

Software Authorization

The ones amongst you who have delved into the on-prem interface will be familiar with name software authorization. A feature that has been around for a long time which lets you tag specific software as Approved, Denied or Neutral, it can then be reported on and even has a default built-in report (Software: Unauthorized software). It is also in the default software dashboard.

If you’re just using on-prem, you can simply use this module to tag software and use the built-in report to identify where denied software is installed.

Aggregating Software Authorization

With Lansweeper Sites, you might expect to easily be able to report on all your software authorization that you’ve configured in on-prem. Well… it’s not that straightforward. Primarily because on-prem does not have software normalization and sets the authorization on a software name level. Once software names go through normalization, you can see how this wouldn’t hold up. This means that if you want to replicate this functionality in your site, you’ll have to get creative. Luckily, I’ve got some things to get you started.

To start, I’ve created a template report you can use to recreate the software authorization functionality. This means that the report will contain a step where you can input software names to mark them as Approved or Denied. All other software will automatically be tagged as Neutral. There is also a way you can easily find which exact software names to use, since they do have to be an exact match with software names scanned by Lansweeper.

Simply head over to the software overview and find the software you would like to classify. You can either do this by searching, sorting, or creating custom fields and use the export function to allow for easy copy-pasting.

It’s then up to you what additional filters you would like to add. Whether it’s a specific asset type, OS, or any other filter. The upside is that it is not limited to Windows software which on-prem is.

Just don’t forget that if you add new data points to the first step, to manually add them to the code box in the second step. You can do this very easily by viewing the code of the first step and copying the field you added, or take a look at the video where I show it.

Using the template, you can make whatever Software Authorization report you want, whether it’s a list of denied software on Server 2019 only, or simply all Neutral software.

Finding Assets with Unauthorized Software

Once you’ve got your list of software that is approved or denied, you can opt to look at things from a different angle. Instead of listing specific software and their status, you can look at assets and the number of software that are either denied. Giving you an actionable list of devices and a way to prioritize which device has the most amount of software you’d like to remove. Again, the filters you use are up to you but you can find the reports in the Unauthorized Software per Asset Audit.

Missing Software

Now that you have a better view of your software authorization you might be wondering how to identify devices that are missing software. Some deployments of software that are part of your template might have failed without your knowledge.

Well for that I also created a report you can use, similar to the other reports this will require you to adjust the report to specify which software you are looking for. But once you do you should be able to get an actionable list with the missing software audit.

Newly Discovered Software

Next up is maintanance. Once you’ve configured your software authorization, you’ll have new software appear every so often. However, it would be nice to know when new software has been scanned. That’s why we’ve got the New Software Discovered Audit. This report looks at the last 7 days by default, but as always, it is just a template for you to customize to your needs. Regardless, you’ll be able to keep an eye on what new software enters your environment and use it as a reminded to check if you have software left to authorize.

Creating Software Dashboards

Now that you have these nice reports, why not create a dashboard so you can get a quick overview of when you log into Lansweeper.

On-prem

For on-prem you already have an existing Software dashboard that you can modify, the default alert report widget even has the unauthorized software already added to it. You can add any of the above-mentioned reports to that widget if you want to keep an eye on the number of results of any of those specific reports.

Additionally, I created a chart report that you can add to show you statistics on software that has been rated in the software authorization module.

Sites

In sites there is also a default software dashboard, however, you can’t edit it so you’ll either have to recreate it or simply create a new blank dashboard and only add widgets that you’re interested in.

In this specific case, the most interesting widget will be the numbers widget or the report overview widget. With this you can display the total number of results for a specific report, meaning you can use any of the previously mentioned reports to display the status of your authorized software, new software that has been detected and more.

NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.