Software to Component Mapping
A SwCA scan discovers installed open-source software, libraries, and associated vulnerabilities on your asset and identifies programming language-based software packages on assets.
Based on the SwCA scan result, we also map software components to their respective software applications. This mapping is done using QID-5001632, which collects software details such as software name, version, installation path, and software component path.
Only the software components installed in the operating system package manager are mapped to the respective software.
Software to component mapping helps you identify applications to which these vulnerable software components belong, prioritize patches based on severity, and allow faster response to potential threats.
New QIDs
The following two new QIDs are introduced to collect the software details on the asset, such as software name, version, software install path, and component path and will be executed only when the software to component mapping feature is enabled:
- QID 5001632: This QID is used to collect software details from Linux OS-based assets.
- QID 5001711: This QID is used to collect software details from Windows OS-based assets.
Steps to View Software to Component Mapping
The following are the steps to view the software components discovered in the SwCA scan.
- In the CyberSecurity Asset Management user interface, navigate to the Inventory > Software tab.
- Select a software for which you want to view the software component details.
- In the Quick Actions menu, click the View Component List option. The Components tab opens. The Component tab has a list of all components for the selected software.
In the above image:- 70.K software components are installed on various assets.
- 8691 unique components are discovered/fetched.
- You can download the component report to view the details of unique components.
The component report can contain a maximum of 50K component records.
- Click the asset count in the Asset Installation column to view the asset details. (Reference image under point 3)
- Click the software count in the Parent Software Installation column to view the parent software details. (Reference image under point 3)
- To view the installation details for components, in the Components tab, click View Install Details from the Quick Actions menu.
The installation details window displays information, such as asset name, component installation path, and parent software details.
Software Components Details for Assets
The following are the steps to view software components for an asset.
- To view software components for an asset, navigate to Inventory > Assets.
- Select an asset and in the Quick Actions menu, click View Details.
- In the Asset Details window, you can view the software components in:
Inventory > Installed Software > Components window.
OR
Security > Software Composition Analysis > Component window.
The inventory count of Software Components displayed on user interface is increased from 2K to 20K.
QQL Tokens for Components Search
The following QQL search tokens are available for the Component tab.
| QQL Token | Description |
|---|---|
| component.name | Lists all the components as per the specified component name. |
| component.version | Lists all the components as per the specified version. |
| component.technology | Lists all the components as per the specified technology. |
To learn more about QQL Tokens for Components tab, refer to the Components section in Search Tokens for IT Assets.
Refer to CyberSecurity Asset Management online help for more details on Software to Component Mapping.