Kaspersky Industrial CyberSecurity for Networks can monitor applications and patches installed on devices it knows about. When monitoring applications and patches, it automatically receives information about software installed and registered in the operating systems of the devices. The application uses these details to generate application and patch tables.
To use the application and patch monitoring feature, asset management methods for device activity detection and device information detection must be enabled. These methods must be enabled on all nodes where the application components from which information is received are installed.
Application and patch monitoring relies on data from the following source types:
The sources are listed in the descending order of priority of data coming from them. When processing application and patch details, the application follows data source priority. Application and patch details from a higher-priority source can overwrite information from other sources. The application also automatically deletes from the tables those applications and patches whose details were previously received, but such applications or patches are not present in the new data received from these sources.
You can view applications and patches details in the following tables:
This table displays information about all applications whose data has been received by the application. When viewing the all applications table, you can configure, filter, search, sort, and navigate to related items.
This table displays information about all patches whose data has been received by the application. When viewing the all patches table, you can configure, filter, search, sort, and navigate to related items.
The all applications and all patches tables are limited to 200,000 items each.
The application displays the following device application details in the table and details area for the selected application:
The application displays the following device patch details in the table and details area for the selected patch:
When monitoring applications and patches, the application uses the Asset Management technology for event logging. Events are registered with system event types that are assigned the following codes:
You can configure the available settings for event types under Settings → Event types.
You can view information about registered events when connected to the Server through the web interface.
Page top