List of software monitored by Cyberwatch scans

Linux / UNIX systems

Cyberwatch Vulnerability Scans support any software installed with the package manager of the distribution.

Software installed with official repositories are thereby assessed with the security advisories of the distributions vendors.

Software installed outside of classical procedures, such as compiled by hand binaries, can be assessed by Cyberwatch with the Cyberwatch custom analyses.

Cyberwatch Vulnerability Scans also detect running docker images and run a standard docker image scan on those images. These scans are not executed on running containers, but on new containers using the same images.

Supported third-party software on Linux / UNIX


The presence and version of a Docker installation on a Linux system are checked using the command docker --version.


Detection of a GitLab installation is based on the presence of a /opt/gitlab/version-manifest.txt file on the system.

Versions of GitLab CE and GitLab EE applications are fetched from this file.

Elastic suite

Cyberwatch is able to detect installations of products from the Elastic Stack:

  • Elasticsearch;
  • Kibana;
  • Logstash;
  • Filebeat.

These products and their versions are identified through the parsing of their respective metadata files.

Libraries installed using Pip and Gem

Cyberwatch also scans libraries installed by the dependencies managers Pip (Package Installer for Python) and Gem (Ruby).

These libraries and their versions are found by using the commands pip and gem respectively.

Cyberwatch is able to only detect libraries installed by these commands and visible from its execution context on the scanned asset or installed in the system context (by the root user).

JavaScript ecosystem

The following software, when globally installed, are detected:

  • Node.js,
  • npm,
  • Yarn.

JavaScript packages locally installed into a node_modules directory are currently only detected on Docker images.

Oracle Database

18c and later versions are supported by Cyberwatch vulnerability scans.


The $ORACLE_HOME variable must be defined in the Cyberwatch execution context:

  • system context for agent-based scans;
  • system context or the in SSH user context used for agentless scans.

MySQL and MariaDB

The version of the database daemons is detected using the commands mysqld --version and mariadbd --version, respectively.


The version of PostgreSQL is detected using the commands postgres -V (when it’s available in the $PATH) and psql -V.


The version of the Redis server is detected using the command redis-server --version.


The version of PHP is detected using php -v.

Zend Server

The version of Zend Server is detected from the list of installed Linux packages.

Docker images

Cyberwatch can scan Docker images. Docker images are equivalent to Linux systems, therefore all elements mentioned above as supported on Linux systems are also supported on Docker.

As it allows to easily deploy and scale identical environments, Docker is particularly used for application development purposes. These applications’ dependencies are generally handled by specific libraries package managers. Cyberwatch therefore scans libraries installed on Docker systems by the following dependencies managers:

  • NPM;
  • PHP Composer;
  • Yarn.

Moreover, Eclipse Temurin builds of OpenJDK are detected.

Supported third-party software on Docker images

Apache HTTP Server

The version of the server daemon is detected with command httpd -v or apache2 -v.


The version of Cyberwatch is read from the file VERSION.


On recent Docker images, the version of Drupal is obtained from Composer in the file composer.lock. On older versions, the version is read from the file


The version of the Grafana server is detected using the command grafana-server -v.


The version of HAProxy is detected using the command haproxy -v.


The version of Joomla! is read from the file Version.php.


The version of the database daemon is detected using the command mongod --version.

Nextcloud and ownCloud

The version of Nextcloud and ownCloud is detected using the command occ -V.


The version of NGINX is detected using the command nginx -v.


The version of Ruby is detected using the command ruby -v.


The version of Tomcat is detected using the command


The version of WordPress is read from the file version.php.

Windows systems

Cyberwatch Vulnerability Scans support any official Microsoft product (Windows, Office…).

Moreover, Cyberwatch Vulnerability Scans support the following third-party software:

  • Adobe Acrobat*
  • Adobe AIR
  • Adobe Creative Cloud
  • Adobe Dreamweaver
  • Adobe Illustrator
  • Adobe InDesign
  • Adobe Flash Player*
  • Adobe Framemaker
  • Adobe Photoshop
  • Adobe Reader*
  • AdoptOpenJDK JDK*
  • AnyDesk
  • Apache Http Server* (when installed from the MSI available here)
  • Apache OpenOffice
  • Apache Tomcat*
  • Atlassian Jira
  • Atlassian SourceTree
  • AutoDesk AutoCAD
  • AutoDesk AutoCAD Mechanical
  • AutoDesk Inventor
  • Chromium
  • Cisco WebEx Meeting Center
  • Citrix Netscaler Gateway
  • Citrix Receiver Desktop
  • Citrix XenDesktop
  • Dell Command Update
  • Devolutions Remote Desktop Manager
  • Docker Desktop
  • EcoStruxure Control Expert
  • FileZilla Client**
  • FileZilla Server
  • Firebird*
  • Firefox**
  • Firefox ESR*
  • FortiClient
  • FortiClient Endpoint Management Server
  • Foxit PDF Editor
  • Foxit PhantomPDF
  • Foxit PDF Reader
  • GIMP**
  • Git
  • Google Chrome
  • GNU Privacy Guard
  • Horizon Client
  • IBM Notes
  • IBM Tivoli Storage Manager Client
  • iTunes
  • Jenkins
  • KeePass Password Safe**
  • Liberica JDK*
  • LibreOffice*/**
  • MariaDB*
  • McAfee ePolicy Orchestrator
  • Microsoft Office 365
  • Mindjet MindManager
  • Miss Marple
  • MongoDB*
  • MySQL*
  • Nextcloud
  • Notepad++**
  • Oracle Database*
  • Oracle Java*
  • Oracle VM VirtualBox*
  • OwnCloud
  • PHP*
  • PostgreSQL*
  • Prikryl WinSCP
  • PRTG Network Monitor
  • Putty**
  • Python* and the libraries installed by Pip
  • RealVNC VNC Viewer
  • SAP Customer Relationship Management
  • SIMATIC NET PC Software
  • SIMATIC Route Control
  • Skype
  • SolarWinds
  • Symantec Endpoint Protection
  • TeamViewer**
  • TechSmith SnagIT
  • Thunderbird*/**
  • Trend Micro Deep Security Agent
  • Veeam Backup & Replication
  • Veritas Backup Exec
  • Veritas Netbackup
  • Visual Studio Code
  • VLC**
  • VMware Tools
  • VMware vSphere
  • VMware Workstation
  • WAPT
  • WinRAR
  • WinSCP**
  • Wireshark**
  • XenDesktop
  • XnView Classic**
  • XnView MP**
  • Zoom
  • 7-Zip**

*End of Life date provided
**The Portable Apps version is supported

macOS systems

Cyberwatch Vulnerability Scans support any official Mac product (macOS, Keynote, Pages…).

Moreover, Cyberwatch Vulnerability Scans support the following third-party software:

  • Adobe Illustrator
  • Adobe InDesign
  • Adobe Photoshop
  • FileZilla Client
  • Firefox
  • FortiClient
  • Google Chrome
  • Oracle VM VirtualBox
  • RealVNC VNC Viewer
  • VLC
  • Wireshark

Network devices

Cyberwatch Vulnerability Scans cover the operating systems of targeted devices.

Back to top