List of software monitored by Cyberwatch scans
Linux / UNIX systems
Cyberwatch Vulnerability Scans support any software installed with the package manager of the distribution.
Software installed with official repositories are thereby assessed with the security advisories of the distributions vendors.
Software installed outside of classical procedures, such as compiled by hand binaries, can be assessed by Cyberwatch with the Cyberwatch custom analyses.
Cyberwatch Vulnerability Scans also detect running docker images and run a standard docker image scan on those images. These scans are not executed on running containers, but on new containers using the same images.
Supported third-party software on Linux / UNIX
Docker
The presence and version of a Docker installation on a Linux system are checked using the command docker --version
.
GitLab
Detection of a GitLab installation is based on the presence of a /opt/gitlab/version-manifest.txt
file on the system.
Versions of GitLab CE and GitLab EE applications are fetched from this file.
Elastic suite
Cyberwatch is able to detect installations of products from the Elastic Stack:
- Elasticsearch
- Kibana
- Logstash
- Filebeat
These products and their versions are identified through the parsing of their respective metadata files.
Jira
Cyberwatch can detect the following Jira software products:
- Jira Core
- Jira Software Data Center
- Jira Service Management
Libraries installed using Pip and Gem
Cyberwatch also scans libraries installed by the dependencies managers Pip (Package Installer for Python) and Gem (Ruby).
These libraries and their versions are found by using the commands pip
and gem
respectively.
Cyberwatch is able to only detect libraries installed by these commands and visible from its execution context on the scanned asset or installed in the system context (by the root
user).
JavaScript ecosystem
The following software, when globally installed, are detected:
- Node.js
- npm
- Yarn
JavaScript packages locally installed into a node_modules
directory are currently only detected on Docker images.
Oracle Database
18c and later versions are supported by Cyberwatch vulnerability scans.
Prerequisites
The $ORACLE_HOME
variable must be defined in the Cyberwatch execution context:
- system context for agent-based scans
- system context or the in SSH user context used for agentless scans
MySQL and MariaDB
The version of the database daemons is detected using the commands mysqld --version
and mariadbd --version
, respectively.
PostgreSQL
The version of PostgreSQL is detected using the commands postgres -V
(when it’s available in the $PATH
) and psql -V
.
Redis
The version of the Redis server is detected using the command redis-server --version
.
PHP
The version of PHP is detected using php -v
.
Zend Server
The version of Zend Server is detected from the list of installed Linux packages.
Docker images
Cyberwatch can scan Docker images. Docker images are equivalent to Linux systems, therefore all elements mentioned above as supported on Linux systems are also supported on Docker.
As it allows to easily deploy and scale identical environments, Docker is particularly used for application development purposes. These applications’ dependencies are generally handled by specific libraries package managers. Cyberwatch therefore scans libraries installed on Docker systems by the following dependencies managers:
- NPM
- PHP Composer
- Yarn
Moreover, Eclipse Temurin builds of OpenJDK are detected.
Supported third-party software on Docker images
Apache HTTP Server
The version of the server daemon is detected with command httpd -v
or apache2 -v
.
Cyberwatch
The version of Cyberwatch is read from the file VERSION
.
Drupal
On recent Docker images, the version of Drupal is obtained from Composer in the file composer.lock
. On older versions, the version is read from the file bootstrap.inc
.
Grafana
The version of the Grafana server is detected using the command grafana-server -v
.
HAProxy
The version of HAProxy is detected using the command haproxy -v
.
Joomla
The version of Joomla! is read from the file Version.php
.
MongoDB
The version of the database daemon is detected using the command mongod --version
.
Nextcloud and ownCloud
The version of Nextcloud and ownCloud is detected using the command occ -V
.
NGINX
The version of NGINX is detected using the command nginx -v
.
Ruby
The version of Ruby is detected using the command ruby -v
.
Tomcat
The version of Tomcat is detected using the command version.sh
.
WordPress
The version of WordPress is read from the file version.php
.
Windows systems
Cyberwatch Vulnerability Scans support any official Microsoft product (Windows, Office…).
Moreover, Cyberwatch Vulnerability Scans support the following third-party software:
- Adobe Acrobat*
- Adobe AIR
- Adobe Creative Cloud
- Adobe Dreamweaver
- Adobe Illustrator
- Adobe InDesign
- Adobe Flash Player*
- Adobe Framemaker
- Adobe Photoshop
- Adobe Reader*
- AdoptOpenJDK JDK*
- AnyDesk
- Apache Http Server* (when installed from the MSI available here)
- Apache OpenOffice
- Apache Tomcat*
- Atlassian Jira
- Atlassian SourceTree
- AutoDesk AutoCAD
- AutoDesk AutoCAD Mechanical
- AutoDesk Inventor
- Chromium
- Cisco WebEx Meeting Center
- Citrix Netscaler Gateway
- Citrix Receiver Desktop
- Citrix XenDesktop
- Dell Command Update
- Devolutions Remote Desktop Manager
- Docker Desktop
- EcoStruxure Control Expert
- FileZilla Client**
- FileZilla Server
- Firebird*
- Firefox**
- Firefox ESR*
- FortiClient
- FortiClient Endpoint Management Server
- Foxit PDF Editor
- Foxit PhantomPDF
- Foxit PDF Reader
- GIMP**
- Git
- Google Chrome
- GNU Privacy Guard
- Horizon Client
- IBM Notes
- IBM Tivoli Storage Manager Client
- iTunes
- Jenkins
- KeePass Password Safe**
- Liberica JDK*
- LibreOffice*/**
- MariaDB*
- McAfee ePolicy Orchestrator
- Microsoft Office 365
- Mindjet MindManager
- Miss Marple
- MongoDB*
- MySQL*
- Nextcloud
- Notepad++**
- Oracle Database*
- Oracle Java*
- Oracle VM VirtualBox*
- OwnCloud
- PHP*
- PostgreSQL*
- Prikryl WinSCP
- PRTG Network Monitor
- Putty**
- Python* and the libraries installed by Pip
- RealVNC VNC Viewer
- SAP Customer Relationship Management
- SAP GUI
- SIMATIC BATCH
- SIMATIC NET PC Software
- SIMATIC OpenPCS 7
- SIMATIC PCS 7
- SIMATIC PDM
- SIMATIC Route Control
- SIMATIC STEP 7
- SIMATIC WinCC
- Skype
- SolarWinds
- Symantec Endpoint Protection
- TeamViewer**
- TechSmith SnagIT
- Thunderbird*/**
- Trend Micro Deep Security Agent
- Veeam Backup & Replication
- Veritas Backup Exec
- Veritas Netbackup
- Visual Studio Code
- VLC**
- VMware Tools
- VMware vSphere
- VMware Workstation
- WAPT
- WinRAR
- WinSCP**
- Wireshark**
- XenDesktop
- XnView Classic**
- XnView MP**
- Zoom
- 7-Zip**
*End of Life date provided
**The Portable Apps version is supported
macOS systems
Cyberwatch Vulnerability Scans support any official Mac product (macOS, Keynote, Pages…).
Moreover, Cyberwatch Vulnerability Scans support the following third-party software:
- Adobe Illustrator
- Adobe InDesign
- Adobe Photoshop
- FileZilla Client
- Firefox
- FortiClient
- Google Chrome
- Oracle VM VirtualBox
- RealVNC VNC Viewer
- VLC
- Wireshark
Network devices
Cyberwatch Vulnerability Scans cover the operating systems of targeted devices.