Agent Data Collection

After scanning your environment, the Software Vulnerability Manager Agent collects the following data, which is summarized into a single POST to** https://csi7.secunia.com​**. The Agent collects data from Windows, Red Hat Enterprise Linux (RHEL) and macOS operating systems. The data collected varies by operating system as described below.

All operating systems

• Machine name

• MachineGUID (generated by Flexera)

• System type (architecture / operating system)

• IP address

• MAC address

• Time (GMT, local)

Windows

• Distinguished name

• List of security Knowledge Base articles installed or pending, source thereof

• List of vulnerable and unrecognized applications from the File System scan:

  • Sends only:
    • File path
    • File size
    • Metadata from the Portable Executable (PE) header to recognize known software (Examples: timestamp, machine architecture)
    • Metadata from the Version Block to recognize known software (Examples: product name, product version, company name, original file name, internal name, file version, comments, file description, legal copyright, legal trademarks, private build, special build)
  • Files collected are filtered by scan rules or type

• Locations of well-known system folders (Example: C:\Program Files)

• List of drives discovered or scanned

• Processing time and other profiling measures

Red Hat Enterprise Linux (RHEL)

• List of installed Red Hat Package Managers (RPMs) from rpm

• List of packages with security updates using the Yellowdog Updater Modified (YUM) tool

macOS

• List of applications from the File System scan of .plist sends only:

  • File path
  • Metadata from the list used to recognize known software (Examples: author; description; CFBundle: display name, identifier, short version string, version, executable, get info string, name, package type; NSHumanReadableCopyright)

• List of operating system updates queried from the system