What details does the SVM Agent send to its servers to correlate the detected programs on a system with Secunia Research vulnerability intelligence?
The SVM Agent extracts the file name and version from each OCX, DLL and EXE file found on the system. The SVM Agent will collect the file name, file version metadata, the path of the file and some additional generic product-related information too. The SVM Agent will also collect the hostname of the system where software has been detected, only for the purpose of attributing scan results to the correct hosts.
Customers can verify what program data is sent when they run the Agent with verbose logging. Use the following command to trigger Agent scan in command-line interface with extra verbose logging:
csia.exe -c -v -v -v > c:\temp\your-log.txt
This command will write every action of the Agent, including the files it is "considering" and the files that is "processing". At the end of the log file, all software detected and sent to the cloud will be listed similarly to the example provided next.
This is how generic program metadata collected during SVM Agent scan
For additional questions and information, please refer to Helpnet's documentation for how scans work.
While the following article pertains primarily to SVM Cloud Agent questions, the same type of data is collected with all versions of SVM Agent, thus including SVM On-Prem Agents where the only difference is that the SVM Agent is sending the data to a local server and not to Flexera Cloud for analysis.