List of software monitored by Cyberwatch scans

Linux / UNIX systems

Cyberwatch Vulnerability Scans support any software installed with the package manager of the distribution.

Software installed with official repositories are thereby assessed with the security advisories of the distributions vendors.

Software installed outside of classical procedures, such as compiled by hand binaries, can be assessed by Cyberwatch with the Cyberwatch custom analyses.

Cyberwatch Vulnerability Scans also detect running docker images and run a standard docker image scan on those images. These scans are not executed on running containers, but on new containers using the same images.

Supported third-party software on Linux / UNIX

Docker

The presence and version of a Docker installation on a Linux system are checked using the command docker --version.

GitLab

Detection of a GitLab installation is based on the presence of a /opt/gitlab/version-manifest.txt file on the system.

Versions of GitLab CE and GitLab EE applications are fetched from this file.

Elastic suite

Cyberwatch is able to detect installations of products from the Elastic Stack:

  • Elasticsearch
  • Kibana
  • Logstash
  • Filebeat

These products and their versions are identified through the parsing of their respective metadata files.

Jira

Cyberwatch can detect the following Jira software products:

  • Jira Core
  • Jira Software Data Center
  • Jira Service Management

Libraries installed using Pip and Gem

Cyberwatch also scans libraries installed by the dependencies managers Pip (Package Installer for Python) and Gem (Ruby).

These libraries and their versions are found by using the commands pip and gem respectively.

Cyberwatch is able to only detect libraries installed by these commands and visible from its execution context on the scanned asset or installed in the system context (by the root user).

JavaScript ecosystem

The following software, when globally installed, are detected:

  • Node.js
  • npm
  • Yarn

JavaScript packages locally installed into a node_modules directory are currently only detected on Docker images.

Oracle Database

18c and later versions are supported by Cyberwatch vulnerability scans.

Prerequisites

The $ORACLE_HOME variable must be defined in the Cyberwatch execution context:

  • system context for agent-based scans
  • system context or the in SSH user context used for agentless scans

MySQL and MariaDB

The version of the database daemons is detected using the commands mysqld --version and mariadbd --version, respectively.

PostgreSQL

The version of PostgreSQL is detected using the commands postgres -V (when it’s available in the $PATH) and psql -V.

Redis

The version of the Redis server is detected using the command redis-server --version.

PHP

The version of PHP is detected using php -v.

Zend Server

The version of Zend Server is detected from the list of installed Linux packages.

Docker images

Cyberwatch can scan Docker images. Docker images are equivalent to Linux systems, therefore all elements mentioned above as supported on Linux systems are also supported on Docker.

As it allows to easily deploy and scale identical environments, Docker is particularly used for application development purposes. These applications’ dependencies are generally handled by specific libraries package managers. Cyberwatch therefore scans libraries installed on Docker systems by the following dependencies managers:

  • NPM
  • PHP Composer
  • Yarn

Moreover, Eclipse Temurin builds of OpenJDK are detected.

Supported third-party software on Docker images

Apache HTTP Server

The version of the server daemon is detected with command httpd -v or apache2 -v.

Cyberwatch

The version of Cyberwatch is read from the file VERSION.

Drupal

On recent Docker images, the version of Drupal is obtained from Composer in the file composer.lock. On older versions, the version is read from the file bootstrap.inc.

Grafana

The version of the Grafana server is detected using the command grafana-server -v.

HAProxy

The version of HAProxy is detected using the command haproxy -v.

Joomla

The version of Joomla! is read from the file Version.php.

MongoDB

The version of the database daemon is detected using the command mongod --version.

Nextcloud and ownCloud

The version of Nextcloud and ownCloud is detected using the command occ -V.

NGINX

The version of NGINX is detected using the command nginx -v.

Ruby

The version of Ruby is detected using the command ruby -v.

Tomcat

The version of Tomcat is detected using the command version.sh.

WordPress

The version of WordPress is read from the file version.php.

Windows systems

Cyberwatch Vulnerability Scans support any official Microsoft product (Windows, Office…).

Moreover, Cyberwatch Vulnerability Scans support the following third-party software:

  • Adobe Acrobat*
  • Adobe AIR
  • Adobe Creative Cloud
  • Adobe Dreamweaver
  • Adobe Illustrator
  • Adobe InDesign
  • Adobe Flash Player*
  • Adobe Framemaker
  • Adobe Photoshop
  • Adobe Reader*
  • AdoptOpenJDK JDK*
  • AnyDesk
  • Apache Http Server* (when installed from the MSI available here)
  • Apache OpenOffice
  • Apache Tomcat*
  • Atlassian Jira
  • Atlassian SourceTree
  • AutoDesk AutoCAD
  • AutoDesk AutoCAD Mechanical
  • AutoDesk Inventor
  • Chromium
  • Cisco WebEx Meeting Center
  • Citrix Netscaler Gateway
  • Citrix Receiver Desktop
  • Citrix XenDesktop
  • Dell Command Update
  • Devolutions Remote Desktop Manager
  • Docker Desktop
  • EcoStruxure Control Expert
  • FileZilla Client**
  • FileZilla Server
  • Firebird*
  • Firefox**
  • Firefox ESR*
  • FortiClient
  • FortiClient Endpoint Management Server
  • Foxit PDF Editor
  • Foxit PhantomPDF
  • Foxit PDF Reader
  • GIMP**
  • Git
  • Google Chrome
  • GNU Privacy Guard
  • Horizon Client
  • IBM Notes
  • IBM Tivoli Storage Manager Client
  • iTunes
  • Jenkins
  • KeePass Password Safe**
  • Liberica JDK*
  • LibreOffice*/**
  • MariaDB*
  • McAfee ePolicy Orchestrator
  • Microsoft Office 365
  • Mindjet MindManager
  • Miss Marple
  • MongoDB*
  • MySQL*
  • Nextcloud
  • Notepad++**
  • Oracle Database*
  • Oracle Java*
  • Oracle VM VirtualBox*
  • OwnCloud
  • PHP*
  • PostgreSQL*
  • Prikryl WinSCP
  • PRTG Network Monitor
  • Putty**
  • Python* and the libraries installed by Pip
  • RealVNC VNC Viewer
  • SAP Customer Relationship Management
  • SAP GUI
  • SIMATIC BATCH
  • SIMATIC NET PC Software
  • SIMATIC OpenPCS 7
  • SIMATIC PCS 7
  • SIMATIC PDM
  • SIMATIC Route Control
  • SIMATIC STEP 7
  • SIMATIC WinCC
  • Skype
  • SolarWinds
  • Symantec Endpoint Protection
  • TeamViewer**
  • TechSmith SnagIT
  • Thunderbird*/**
  • Trend Micro Deep Security Agent
  • Veeam Backup & Replication
  • Veritas Backup Exec
  • Veritas Netbackup
  • Visual Studio Code
  • VLC**
  • VMware Tools
  • VMware vSphere
  • VMware Workstation
  • WAPT
  • WinRAR
  • WinSCP**
  • Wireshark**
  • XenDesktop
  • XnView Classic**
  • XnView MP**
  • Zoom
  • 7-Zip**

*End of Life date provided
**The Portable Apps version is supported

macOS systems

Cyberwatch Vulnerability Scans support any official Mac product (macOS, Keynote, Pages…).

Moreover, Cyberwatch Vulnerability Scans support the following third-party software:

  • Adobe Illustrator
  • Adobe InDesign
  • Adobe Photoshop
  • FileZilla Client
  • Firefox
  • FortiClient
  • Google Chrome
  • Oracle VM VirtualBox
  • RealVNC VNC Viewer
  • VLC
  • Wireshark

Network devices

Cyberwatch Vulnerability Scans cover the operating systems of targeted devices.


Back to top