Handle software risk
Software risk analyzes the apps your devices report and opens findings — end-of-life software, vulnerable versions, unsanctioned remote access, licensing exposure, and policy violations. You triage them: acknowledge, resolve, or allow.
Before you start
- Findings come from installed-app collection, which is opt-in — turn it on in Configure Movitera Link collection.
- As the page itself warns: the analysis uses the list of software reported by the devices — it doesn't replace an antivirus/EDR.
- Triage actions and the Policy tab require
Gerenciador(Manager) access; everyone else follows along read-only.
Understand a finding
| Finding type | What it flags |
|---|---|
Acesso remoto não autorizado (Unsanctioned remote access) | A remote access tool outside the team's sanctioned list. |
Violação de política (Policy violation) | Software in a category blocked by the team's policy. |
Software em fim de vida (End-of-life software) | A version that left (or is about to leave) support, with the end-of-life date. |
Versão vulnerável (Vulnerable version) | A version with known vulnerabilities — the evidence lists the CVEs with links. |
Exposição de licenciamento (Licensing exposure) | A license model that can cost money — for example, "free for personal use only" in corporate use. |
Each finding has a severity — Crítica (Critical), Alta (High), Média (Medium), or Baixa (Low) — and a status — Aberto (Open), Reconhecido (Acknowledged), Permitido (Allowed), or Resolvido (Resolved). The IA (AI) badge marks titles classified automatically. Some findings refer to the device's operating system, not an app — the detail says so; in those cases, the fix is updating the system.
Triage the findings
- 1
Filter the `Achados` (Findings) tab.
Combine status, severity, finding type, and device. Notifications about new findings open the list already filtered by the device.
- 2
Click a finding to open the detail.
The panel shows the software (version, source, device), the evidence — end-of-life date, CVEs, license model — and the finding's timeline.
- 3
Use the triage actions.
Reconhecer(Acknowledge) records that the team knows about the risk;Resolver(Resolve) closes the finding after you uninstall or update;Reabrir(Reopen) undoes it. Each action confirms with the toast "Achado atualizado" (Finding updated). The daily scan resolves on its own the findings whose software was uninstalled. - 4
For software the team approves, click `Permitir este software` (Allow this software).
The dialog warns: it closes every open finding for the package on every device and prevents new ones from being created. Enter the
Motivo(Reason — for example, "Approved by security") and decide whether the allowance covers every finding type or only the current one. Confirm withPermitir(Allow).resultToast "Software adicionado à lista de permissões" (Software added to the allowlist). The entries live in the Policy tab.
Tune the policy
Ferramentas de acesso remoto sancionadas(Sanctioned remote access tools) — the team's official tools; installs of them don't generate remote access findings, anything else stays flagged.Categorias bloqueadas(Blocked categories) — software in these categories (Torrent,Minerador de criptomoedas(Crypto miner),Ferramenta de crack(Cracking tool), Anonymizer, Adware, Bundler) generates policy violation findings.Notificar novos achados(Notify new findings) — inventory managers and administrators receive notifications in the app and by email.Lista de permissões(Allowlist) — the allowed titles, with the reason and the author. Removing an entry makes the next scan flag the software again, if it's still installed.