Software inventory

Applies to:

Want to experience Microsoft Defender ATP? Sign up for a free trial.


Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the Software inventory page. The software inventory includes the name of the product or vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected with it.

  1. Select Software inventory from the Threat & Vulnerability management navigation menu.
  2. In the Software inventory page, select the application that you want to investigate and a flyout panel opens up with the software details, vendor information, prevalence in the organization, exposed machines, threat context, and its impact to your organization's exposure score.
  3. In the flyout panel, select Open software page to dive deeper into your software inventory. You will see how many weaknesses are discovered with the application, devices exposed, installed machines, version distribution, and the corresponding security recommendations for the weaknesses and vulnerabilities identified.

How it works

In the field of discovery, we are leveraging the same set of signals in Microsoft Defender ATP's endpoint detection and response that's responsible for detection, for vulnerability assessment.

Since it is real-time, in a matter of minutes, you will see vulnerability information as they get discovered. The engine automatically grabs information from multiple security feeds. In fact, you'll will see if a particular application is connected to a live campaign. It also provides a link to a Threat Analytics report soon as it's available.

Report inaccuracy

You can report a false positive when you see any vague, inaccurate version, incomplete, or already remediated software inventory information in the machine page.

  1. Select the Software inventory tab.

  2. Click : beside the software that you want to report about, and then select Report inaccuracy. Screenshot of Report inaccuracy control from the machine page under the Software inventory column
    A flyout pane opens.
    Screenshot of Report inaccuracy flyout pane

  3. From the flyout pane, select the inaccuracy category from the Software inventory inaccuracy reason drop-down menu.
    Screenshot of Report inaccuracy software inventory inaccuracy reason drop-down menu

  4. Include your email address so Microsoft can send you feedback regarding the inaccuracy you reported.

  5. Include your machine name for investigation context.


You can also provide details regarding the inaccuracy you reported in the Tell us more (optional) field to give the threat and vulnerability management investigators context.

  1. Click Submit. Your feedback is immediately sent to the Threat & Vulnerability Management experts with its context.