Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

Three Software Identification Methodologies – Understanding the Pros and Cons

Posted by

We often field questions from prospective customers about the different methodologies that can be used for software identification, along with their relative advantages and disadvantages, so I thought it might be helpful to devote a blog post to the topic.

First of all, why is accurate software identification important? Well, without it, it’s virtually impossible to effectively manage your organization’s software. Just a few examples of areas impacted by the strength of your software identification are:

  • Tracking software licenses and managing license compliance
  • Ensuring end users are equipped with the appropriate software, versions, and patches
  • Identifying unauthorized or harmful software on the network

So, what exactly do we mean by “software identification”? Software identification, at the most basic level, refers to the ability to recognize installed software applications by their known titles. Sounds pretty straightforward, right? Unfortunately, it’s much easier said than done. That’s because there exists no standard methodology for identifying installed software; there’s no one single file attribute or machine location that can be consistently relied on for proper identification. (Many believe software identification will eventually become much more standardized–and therefore simplified–with the introduction of the ISO/IEC 19770-2 standard for software identification tagging – but that’s another blog topic in and of itself.)

If you’ve ever tried to determine by hand exactly what resides on your own computer, you know it’s a time-consuming and tedious process. You might be tempted to rely on Add/Remove Programs, but you’d quickly realize that a couple of apps you installed last month aren’t represented on the list. Due to the inherently inaccurate and burdensome nature of manual inventories, specialized technology is available to help automate the software inventory process. These tools vary widely in terms of data collection methodology, scope of capabilities (enterprise suite vs. point product), delivery model (SaaS vs. on-premise), and, of course, price.

Typically, software inventory tools reveal software file information such as application title, product ID, size, date, path, and version, and, ideally, whether any particular software installation is a standalone version or part of a suite. Such technologies generally rely on one of three techniques to identify installed applications.

1) File header analysis. One technique, file header analysis, examines the file headers for each individual executable. This approach is very exhaustive but often results in double-counting applications comprised of more than one executable. In addition, this methodology relies on software manufacturers to properly enter file header information. Surprisingly (or maybe not?), this data is often unreliable.

2) Registry analysis. Registry analysis involves looking at applications installed using the standard Windows Installer mechanism. Although this generally identifies applications properly, it doesn’t take into account other installation mechanisms, so it’s often limited in its comprehensiveness.

3) Software Identification Database. A final approach to software recognition is through utilization of a software identification database. Compiling and keeping up to date a software identification database is a lengthy and tedious process, but when used in conjunction with the proper algorithms, this method is able to identify with greater accuracy a higher percentage of applications. (Express Software Manager relies on a software identification database, the Express Software Identification Database (ESID), for application recognition.)