Windows Unmanaged Software Detection Include and Exclude Filepaths

Summary:

Tenable has refined its Windows search functions many times over the years, to improve accuracy and also limit the amount of stress filesystem searches place on customer machines. The current iteration relies on Powershell searches, but cannot currently be fine tuned to specify to look only in specific directories, or exclude looking into specific directories. This is changing. Under the "Advanced" settings of Tenable scan policies, settings for "Windows file search Options" will soon exist. These two settings, for "Windows Include Filepath" and "Windows Exclude Filepath" will accept text lists of locations to check for software installs, and text lists of locations to exclude from these checks. In support of these new settings, we have refactored the commands that Tenable products issue to Windows machines to allow for the use of include and exclude paths We have also fine tuned the default exclusion paths, which should make Windows search functions run much faster.

Please note: the products detected using Windows unmanaged software are provided as Dependents to plugin 152357 at https://www.tenable.com/plugins/nessus/152357/dependents.

** thorough checks need to be enabled

Impact:

These settings can be used to tweak the performance of Windows software detection across filesystem searches. By default, this change should make these searches for this plugin run much faster than before, depending on the size of the filesystems being scanned. Use of the include and exclude filepath settings in scan policies will allow customers and Technical Support to fine tune the paths being searched, and can be used to change the accuracy and speed of the search functions.

Please reach out to Technical Support if there are any questions. 

Plugins:

Detect Unmanaged Software Install Location (Windows) (152357)

Scan Search settings (New)

Target Release Date:

February 06, 2023