Security Vulnerability reporting?
Perhaps not a pure SAM question but I'm looking for a tool which can report on patch levels down to the fixpack/hotfix level (i.e. below point release). The aim is to be able to identify which applications are at risk of known vulnerabilities - we're approaching this from a security rather than Asset Management perspective. So, for example, identify all apps which are vulnerable to the Heartbleed SSL vulnerability. Our existing SAM tool (Snow) gathers data for N-x reporting but that's quite a blunt tool - old versions of software aren't always insecure and for many applications vulneralities are fixed in patches first prior to being rolled up into a point release.