Tranquil IT Forum

Hello,

and congratulations on this fantastic tool!

Is it possible to:

Update a portable application that is on a USB drive (e.g., the Firefox browser...) which, by definition, is not in the WAPT repository?

Or, if not,

is the agent able to add this portable application to the inventory list?

And if so, can we ask the agent to uninstall the application from the USB drive... or block it?

Thank you.

Steph

Hi Step33f,

in my humble opinion, the best solution for portable applications on USB drives is to block them completely. The easiest way to implement this is with APPLocker/SRP (integrated by default in Windows). This way, portable Firefox (and other executables) no longer work on USB drives, and you can also block executables in user profiles (very effective against ransomware).

However, this requires having fairly comprehensive software libraries so that users don't feel too restricted, and WAPT self-service does this job very well.

Regarding the inventory, it's possible to extend it to return other information, or simply create a WAPT audit package that reports all executables found in non-standard locations (very practical). And while you're at it, you could also add a package to check the local administrators group (you can look at the following package for inspiration: https://store.wapt.fr/store/tis-audit-local-admins).

In any case, if you want to improve the security of your park, you've found the perfect tool.

Sincerely,

Denis