Does your organization implement continuous monitoring for software and service inventory changes across all platforms, including containers and virtual machines?
Explanation
Continuous monitoring of software and service inventory changes helps detect unauthorized modifications, potential vulnerabilities, and security risks in real-time.
This includes tracking new software installations, updates, removals, and configuration changes across physical servers, virtual machines, and container environments like Docker or Kubernetes.
Without this monitoring, malicious software could be installed or legitimate services could be modified without detection.
Evidence could include screenshots or reports from inventory management tools (like Tenable, Qualys, or Microsoft Defender for Cloud), configuration management systems (like Puppet, Chef, or Ansible), or container security platforms (like Aqua Security or Prisma Cloud) showing active monitoring capabilities and change detection alerts.
Implementation Example
Constantly monitor all platforms, including containers and virtual machines, for software and service inventory changes
ID: ID.AM-02.123
Context
- Function
- ID: IDENTIFY
- Category
- ID.AM: Asset Management
- Sub-Category
- Inventories of software, services, and systems managed by the organization are maintained
Related questions
- Does your organization maintain comprehensive inventories of all hardware assets, including IT equipment, IoT devices, operational technology (OT), and mobile devices?
- Does your organization implement automated network monitoring to detect new hardware and update inventory records in real-time?
- Does your organization maintain a comprehensive inventory of all software and services, including commercial, open-source, custom, API, and cloud-based applications?
- Does your organization maintain a comprehensive inventory of all systems within your environment?
- Does your organization maintain documented baselines of expected network communication patterns and data flows for both wired and wireless networks?
- Does your organization document and maintain baselines of expected communication patterns and data flows with third parties?

