I have been looking at Live Discover and like the look of it. I am not an expert in Threat Hunting, but I was hoping I could use Live Discover to help me with my day to day IT tasks. I was thinking along the lines of the following.
- Machine is NOT fully patched. I know I can look for a specific missing patch, but would like to list all machines that are out of date
- User logged on with admin rights
- Machines with X software installed. QuickTime would be a good example in my case
- Retrieve software version. I was thinking about Acrobat DC as Application Control can only block DC as a whole, not a certain version. I need to find all the out of date DC
- When did the user last use a certain application. I could remove it, if they weren't using it
I am not sure where to start. Could someone please give me some guidance.
Best wishes Michael