Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
BeyondTrust Endpoint Privilege Management
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Not Verified
What It Detects
Identifies BeyondTrust EPM-managed endpoints where the Applications field is empty, indicating no application inventory has been collected. Application inventory is essential for defining and enforcing application control policies. Without it, organizations cannot create targeted elevation rules, whitelist/blacklist applications, or detect unauthorized software installations.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
Connectors
match
BeyondTrust
Data Source Details
and
[{'field': 'Applications', 'operator': 'empty'}]
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum