> Security > Security activity > Application information view

Application information view

The application information view is a LANDESK Security Suite feature that shows information about the applications used on a specific endpoint. It helps admins detect and troubleshoot suspicious and malicious applications.

For example, if a user calls support complaining that his computer isn't working correctly, an IT admin can open the Application information view for that device. The admin then uses it to determine which applications were running on the device and view detailed information about those applications.

For each detected application, this view shows:

  • File name/path
  • Date discovered
  • Last executed
  • Reputation and LANDESK reputation
  • The number of devices the file has been detected on
  • File version, company name, and product name
  • SHA256 hash

Additionally, if the endpoint has the endpoint security agent installed, the following information is available for each application:

  • Amount of network traffic sent/recieved
  • The URL or IP the application connected to
  • Memory and CPU usage

The application information comes from the last inventory scan. If you need more recent information, a Data sync button lets you remotely trigger an immediate inventory scan. It can take a few minutes for the remote scan to complete and for the Application information view to refresh.

The Application view toolbar provides quick access to the following tools:

  • Diagnostics window
  • Full device inventory
  • Security and patch information
  • Remote control
  • Virus scan
  • Remote reboot
  • Virus Total (requires file hashes from the inventory scanner, this isn't enabled by default)
  • IOCBucket searches
  • Community and Google searches

 

 


Was this article useful?    

The topic was: