The Desktop Software risk vector determines if desktop device software is supported or out-of-date. Desktop devices are laptops, servers, and other non-tablet, non-phone computers in a company’s network that access the Internet. The outgoing communications from desktop devices includes metadata about the device’s operating system and browser version (endpoint data).
Finding Details
The details include the data in Findings, Diligence details, and also the following information:
❖ This field can be included in the table from the Customize Columns option.
Field | Description | ||
---|---|---|---|
Operating system (OS) and Browser Information | |||
EOL | The end-of-life date for the version. | ||
EOL Status | The end-of-life status of the current version. | ||
❖ Family
|
The family of the detected OS or browser. | ||
❖ Grade
|
An assessment of the detected OS or browser based on the version’s support status. | ||
Launch | The launch date of the current version. | ||
❖ Support Status
|
The support status of the current OS or browser version. | ||
❖ Version
|
The current version of the detected OS or browser. | ||
Observations | |||
Estimated Users | The estimated number of users based on visible web activity. | ||
Sample Observations | |||
Source IP | The source IP address of the connection when the evaluated desktop made an outbound request. This is typically an IP address associated with a firewall. The source IP and user-agent string are used to determine the OS and browser version. | ||
Target Host |
The host that the browser connected with (if available). If we were able to collect target host information, it is useful for searching the firewall logs to determine which internal host made the connection. Search for the egress IP in the source IP field, the target host, and representative timestamp. Available in the SPM application. |
||
User Agent | User-agent string as sent by the browser. | ||
Timestamp | Date and time (in UTC) the traffic was observed. | ||
❖ Remediation Instructions | Information for how to resolve a negative finding. |
- October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
- October 16, 2024: Target host information might not always be available.
- August 30, 2024: Terminology – “Host IP” → “Source IP” & “Host domain” → “Target host.”
Feedback
0 comments
Please sign in to leave a comment.