While I agree with the article, I do not know how USM can be used to achieve the objectives related to software inventory:
* I do not see how AlienVault can be used to have an exhaustive and reliable software inventory automatically. The only thing I know that feeds automatically the "software" tab of an asset page is the nmap scan, but this gives only a list of applications that are listening on the network (and not even a reliable list, as nmap can be wrong). Is there a way for example that the vulnerability scan feeds the software tab with exhaustive and reliable info about software and versions? or something else I have missed, except for manually entering the list of softwares?
* I do not see how AlienVault can be used to capture unlicensed software. Is there a way to raise an alarm when a new software is seen on an asset? or when a new asset is discovered on the network?
Thanks in advance for your tips regarding these points!
The blog post makes me think I have perhaps missed something