How would you like a simple, effective, and consistent way to improve your software asset management and security?
You would probably like it a lot once you were convinced it actually does all of the above. So, allow us to explain.
This thing goes by the accurate-but-not-exactly-poetic acronym SWID: SoftWare IDentification Tags. SWID is supported by TagVault.org, a neutral not-for-profit certification authority. These tags, which the vendors create and are responsible for, contain unique information about an installed software application, including its name, edition, license, version, whether it’s part of a bundle and more.
While that might not sound like much it really, really is.
Here’s how it will help you with software asset management: The way things are today, your SAM discovery product(s) either use catalogs or are using an architecture that is software driven. This is a huge problem. First, catalogs are not always kept up-to-date by vendors. While some vendors – including IBM – put a lot of business resources into making sure their catalogs are timely, this is not true for everyone. So what you end up with isn’t a complete list but a best-effort set of data points.