cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ISMP Evidence Showing Up (when we don't use ISMP)?

Investigating a potential false positive on Apache log4j. The reported evidence type is ISMP (InstallShield Multiplatform) coming from the FlexNet Agent, as the only source reporting (we also co-run BMC Discovery on these servers). The odd thing about this is that our organization doesn't use Installshield. 

In checking Discovered Evidence, I note a total of 70 Installer Evidence reporting under ISMP (out of over 33,000). This makes me wonder under what conditions FlexNet utilizes ISMP to classify Evidence Type. Is this some kind of default? Again, we're not running this kind of package installation technology.

0 Kudos

This thread has been automatically locked due to inactivity.

To continue the discussion, please start a new thread.

2 Replies
kclausen
Level 15 Flexeran
Level 15 Flexeran

ISMP is used by many software publisher to package their own applications.  Therefore, in the process of installing software you may be creating ISMP Evidence as the packages you are running from the publishers are using ISMP to install the primary package and/or different components.

ChrisG
Community Manager Community Manager
Community Manager

InstallShield Multiplatform evidence details will typically be gathered from files named "vpd.properties" or "vpd.script" that exist on computers that the FlexNet agent has gathered inventory from.

To restate @kclausen's comments, if you see installer evidence of the type "ISMP" in your organization that is indicating the developers of software installed on your computers have likely used InstallShield Multiplatform. This isn't determined by whether your own organization uses that product for developing software installers.

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)