Software Identification Tag Lifecycle
This diagram shows a simplified software identification tag lifecycle from creation through installation and eventual uninstallation.
Certified Software Identification Tags in Action
When certified tags are discovered by SAM tools, signed data is validated by the SAM tool. This offers a third party validation that the entity claiming to be the publisher is, in fact, the publisher. This also ensures that the data about discovered software as seen by SAM practitioners is exactly the same data as provided by the publisher. This is particularly important where this information may be used for security validation. The consensus audit guidelines (CAG), specified for government-managed computers, specify that a critical control for organizations is to have an inventory of authorized and unauthorized software. TagVault.org certified software tags provide an authoritative level of inventory control that is unmatched.
Not only does the TagVault.org certified tag provide inventory information, but it also provides information down to the package footprint level. This provides individual file details for all files associated with a software title. Information at this level allows a SAM practitioner to filter out any files associated with a recognized installed application. This allows organizations that want a very stringent level of software policy applied to their systems to ensure that:
- Only known software is installed
- The known software can be validated
- Any unknown files can very quickly be identified
Join TagVault.org to get your software tags certified, or to gain access to the TagVault.org repository and tools.