System inventory
A system inventory is a resource that contains information about the hardware and software assets within an IT infrastructure. Keeping an inventory of all assets helps organizations maximize the visibility of hardware and software in their environment. An up-to-date system inventory is essential for maintaining good IT hygiene within an enterprise network.
To maintain a centralized system inventory, ThreatLockDown agents collect system information from monitored endpoints and send it to the ThreatLockDown server. The ThreatLockDown Syscollector module is responsible for collecting such data from each agent. The data the ThreatLockDown agent collects includes hardware and operating system information, installed software details, network interfaces, ports, and running processes. The ThreatLockDown agent can also collect data about Windows updates from Windows endpoints. You can configure what kind of information you want the Syscollector module to collect or ignore.
Users can generate system inventory reports from the ThreatLockDown dashboard, which can be valuable resources during threat hunting and IT hygiene exercises. The information contained in the report can be used to identify unwanted applications, processes, services, and malicious artifacts.