Start Free Trial
INTROSPECTUS

Software Assurance

Software Asset Management Delivered by Software Assurance

Software Assurance 2
Software Assurance 1
Software Assurance 3

Software Assurance Module Overview

Know exactly what you own, what you’re using, and what you’re wasting.

Introspectus Software Assurance Management (SAM) gives IT leaders and procurement teams a single, authoritative view of every software licence across the organisation – from discovery to disposal, with the evidence to act.

Software asset management is not an IT housekeeping exercise. Done properly, it directly reduces operational expenditure, eliminates audit liability, and gives procurement teams the data they need to negotiate vendor contracts from a position of strength.

How Software Assurance Works
SOFTWARE ASSURANCE QUICK LINKS

The Problem We Solve

Uncover the hidden pressures draining budgets, increasing exposure, and overwhelming IT teams.

Most organisations are hit by the same three pressures: unexpected vendor audits that trigger massive unplanned costs, licence waste that compounds every renewal cycle, and a surge of unsanctioned SaaS tools that bypass policy entirely.

Together, they create financial, compliance, and security risks that traditional asset management can’t keep up with.

Three costly problems most organisations face today:

Audit exposure you don't see coming

Frequent vendor audits mean that without accurate licensing data, one notice can lead to huge true‑up fees, legal costs and heavy IT workload.

Budget spent on licences nobody uses

Research shows 30–50% of licences go unused, and without usage insight procurement renews at full volume, compounding waste yearly.

Shadow IT growing faster than policy

Employees adopt SaaS and AI tools without approval, creating compliance risk, governance gaps and security exposure that traditional asset management cannot detect.

How Introspectus Software Assurance Works

Introspectus SAM follows a logical flow – from discovery through to audit readiness – that mirrors how experienced SAM practitioners think.

Eliminate the blind spots and build boardroom confidence.

This allows organisations to achieve:

Discover

Lightweight agents scan every device and build a live software and hardware inventory within hours.

Measure
Usage metering captures real activity so you know what is actually used, not just installed.
Optimise

The platform compares usage to entitlements and highlights reclaim candidates with clear annual savings.

Defend

Audit Readiness generates an Effective Licence Position on demand with exportable evidence for audits.

Core Capability

Complete visibility. Decisive action.
Every SAM function your organisation needs – delivered in an integrated platform that connects asset data, usage evidence and licence entitlements in real time.
SOFTWARE INVENTORY WITH DEVICE DRILL-DOWN

A real-time, agent-driven inventory of every application installed across your fleet – with the ability to drill from any title directly to the specific devices and users where it’s installed, how many hours they have used it this month, and whether their seat is covered by a current licence.

Over‑licensed alert

When TeamViewer runs on 24 devices against a 10‑seat licence, the system flags the breach, identifies unlicensed devices and highlights zero‑activity users.

Per‑user utilisation

The Users tab ranks every licence holder by monthly hours used, surfacing zero‑activity users as reclaim candidates with last‑active dates for manager conversations.

Device assignment export

Export the full device list for any software title as a CSV sorted by usage with licence status, site and last‑active date included.

Clickable compliance filters

The inventory KPI strip acts as an instant filter, letting you click Over‑licensed or Low Utilisation to immediately surface breached or under‑used titles.
LICENSE ANALYTICS
A 12-month visual view of installs, active usage and licence entitlements per software title – so trends are visible before they become problems.
  • Monthly install vs active-user trend charts
  • Compliance summary across all licensed products
  • Over-licensed, compliant, and under-utilised classification
  • Utilisation progress bars with colour-coded thresholds
LICENSE OPTIMISATION
Automated right-sizing recommendations calculated from actual usage data – with each recommendation expandable to show the specific devices to act on.
  • Potential annual saving calculated from current contract rates
  • Expand any row to see per-device usage and reclaim candidates
  • High / Medium / Low priority classification
  • Mark-reviewed workflow with CSV export
USAGE AND METERING
Application focus hours and active session data linked directly to licence entitlements – answering the question your audit team always asks: is anyone actually using this?
  • Focus hours, active hours and session counts per application
  • Trend indicators — increasing, stable, declining
  • Peak usage hour and department breakdown
  • Linked contract and entitlement data in context
CONTRACT AND LICENSE MANAGEMENT
A structured contract register with renewal tracking, invoice management and vendor relationship data – replacing the spreadsheet that nobody trusts.
  • Active, expired and upcoming renewal status at a glance
  • Invoice tracking with unpaid flagging
  • Vendor catalogue with performance records
  • Linked software titles per contract
AI-ASSISTED CONTRACT IMPORT
Upload a vendor invoice or renewal document and Introspectus extracts key fields automatically – vendor, product, seat count, cost, dates, reseller, and more – ready for review in seconds.
  • Single and batch document upload
  • AI field extraction with confidence indicators
  • Reseller, distributor and manufacturer chain capture
  • One-click link to existing software inventory titles

Audit Defence and Governance

Be audit-ready before the vendor calls.

Software vendor audits – Microsoft true-ups, Adobe compliance checks, Oracle GLAS reviews – are increasingly common and increasingly costly. Introspectus gives you the position and the evidence before you need it.

Effective Licence Position (ELP)Vendor-Specific Compliance Rules
Generate a real-time ELP for any software title at any time, showing licences owned, deployed, active, and the variance – in a format auditors accept. Export to CSV for external review in one click.Publisher licence metrics vary significantly. Microsoft counts named users; Oracle counts processor cores; TeamViewer counts concurrent sessions. Introspectus maintains a rule framework for each major publisher.
Exportable ELP on demand Microsoft · Adobe · Salesforce · Zoom · Autodesk
SAM Audit LogEvidence Export Package
Every change to licence counts, compliance status, contract records and vendor rules is captured in an immutable audit log – timestamped, attributed to a named user, and searchable.The Audit Readiness module bundles your ELP, software inventory, contract register, usage evidence, device scan records, audit log and vendor compliance notes into a single downloadable package.
Immutable, timestamped record Audit-ready in minutes
Policy and Shadow IT GovernanceAsset Lifecycle Management
Classify every application as Approved, Monitored, Under Review or Blocked. Surface shadow IT – high-risk applications that are active but not sanctioned – with full usage context.Track every software title from procurement through to retirement with a visual Kanban lifecycle board. Retirement checklists ensure licences are reclaimed, contracts archived and users notified.
Shadow IT detection built in Procurement to Retired workflow

Platform Modules

Every SAM capability in one platform.

Introspectus SAM is delivered as 11 integrated modules covering the full lifecycle from asset discovery through to audit defence. All modules are included; none are sold separately.

Asset Discovery

Fleet scan coverage dashboard with agent deployment status, version tracking and stale-agent detection.

Asset Lifecycle

Kanban lifecycle board from procurement to retirement, with renewal countdowns and retirement checklists.

Policy and Shadow IT

Application and URL governance with shadow IT exposure detection and unsanctioned-domain alerting.

Vendor Compliance Rules

Publisher-specific licence metric frameworks for Microsoft, Adobe, Salesforce, Zoom, Autodesk and more.

Audit Readiness

Effective Licence Position with compliance score, SAM audit log, and a one-click evidence export package covering all seven evidentiary categories required for vendor audit response.

Software Inventory

Complete fleet-wide software discovery with device drill-down, compliance status and linked contract data.

Usage and Metering

Application focus hours, active users, session counts and peak-usage data linked to licence entitlements.

Licence Analytics

12-month trend charts showing installs, active usage and licence levels per software title.

Licence Optimisation

Right-sizing recommendations with per-device reclaim guidance and estimated annual savings.

Licence Management

Structured contract register with renewal tracking, invoice management and vendor relationships.

Contract Import

AI-assisted extraction of contract data from uploaded documents — single or batch, ready for review in seconds.

Who Uses Introspectus SAM

Built for the people responsible for IT spend.

SAM is a cross-functional discipline. Introspectus is designed to give each stakeholder the information they need in the context they work in.

CIO and IT Leadership
Strategic visibility and governance confidence

Senior IT leaders need to know the organisation is not accumulating audit liability and that software spend is defensible to the CFO and board.

  • Real-time compliance position across all vendors
  • Audit-ready evidence package on demand
  • Shadow IT exposure surfaced before it becomes a breach
  • Asset lifecycle governance with clear accountability
IT Asset Managers and SAM Analysts
Operational capability without spreadsheet dependency

For practitioners responsible for the day-to-day SAM function, Introspectus replaces manual reconciliation with automated discovery and structured workflows.

  • Agent-driven inventory with device-level drill-down
  • Automated over- and under-licence detection
  • Per-user usage data for reclaim conversations
  • AI-assisted contract import saving hours per cycle
CFO, Procurement and Finance
Software spend under control and justified at renewal

Finance stakeholders need software costs to be predictable, justifiable and optimised. Introspectus provides usage evidence, savings projections and audit defence.

  • Quantified savings opportunities before each renewal
  • Contract and invoice register with spend visibility
  • Vendor audit risk eliminated with current ELP
  • Reclaim candidates identified with financial impact

Next Steps

Ready to take control of your software estate?

Talk to our team about how Introspectus SAM fits your organisation’s size, complexity and existing tooling. Most customers are live within days – not months.

Take The Next Step

Book a Live Demo

See the full SAM platform in action with your own use cases. Sessions run 45–60 minutes with a senior product specialist.

Download the Datasheet

A two-page summary of Introspectus SAM capabilities, integration options and deployment models for internal circulation.

Request a Proof of Concept

A scoped, time-limited deployment against your own fleet – giving your team direct experience before a commercial decision.

How Introspectus Helps

Each agent compares the current patch list against what is actually installed on its device. Any gap between what has been released and what is deployed is immediately surfaced. Critically, Introspectus pays particular attention to the timing of patch deployment not just whether a patch is present, but when it was applied.

This temporal dimension is central to Essential Eight compliance, where the difference between a patch applied on day two versus day thirty can mean the difference between maturity levels, and between an environment that was protected and one that was exposed.

This combination of daily patch intelligence, severity-based filtering, agent-level validation, and deployment timing analysis gives organisations a real-time, evidence-based view of their operating system patch posture mapped directly to the ISM controls applicable to the Essential Eight patch operating systems strategy.

The Challenge with Patch Operating Systems

The visibility gap here is particularly consequential. A patch may be approved and scheduled, yet never successfully applied due to a failed deployment, a device that was offline during the maintenance window, a reboot that was deferred, or a system that exists outside managed channels entirely.

Organisations that rely solely on deployment tooling to confirm patch status are measuring intent, not reality. The ACSC is explicit on this point: organisations need to confirm patches have been applied successfully, not merely that they were dispatched.

Patch Operating Systems Overview

Within the Essential Eight framework, patching operating systems is a core and non-negotiable control. The ACSC sets clear expectations: patches for internet-facing infrastructure must be applied within 48 hours when identified as critical or where working exploits exist, and within two weeks for standard releases.

Patches for workstations, servers, and network devices must be applied within one month, with tighter timeframes applying in high-threat environments. Critically, the ACSC also mandates that vulnerability scanning occurs at least daily for internet-facing systems and at least fortnightly for workstations and non-internet-facing infrastructure not to replace patching, but to confirm it has actually occurred.

How Introspectus Works

From this inventory, Introspectus performs targeted web intelligence gathering. For each application identified, the platform locates the top five authoritative sources of patch and release information vendor security advisories, release notes, and vulnerability databases and retrieves that content into a central repository.

Aletheia, Introspectus’s AI analysis agent, then reads and analyses this content to extract the intelligence that matters for application patching: the latest available version, whether a release addresses a security vulnerability, the severity of that vulnerability, and all information relevant to the Essential Eight application patching requirements. This structured intelligence is mapped directly to the applicable ISM controls, producing defensible, audit-ready evidence of an organisation’s application patch compliance posture.

The Challenge with Patch Applications

A critical and frequently overlooked problem is the visibility gap. Organisations may believe their applications are current when, in reality, patches have silently failed, devices have missed deployment windows, or software has been installed outside of managed channels entirely.

Without continuous inspection at the endpoint level, these gaps go undetected until an audit or, worse, a breach.

Patch Applications Overview

Within the Essential Eight standard, patching applications is a dedicated and non-negotiable control. The ACSC specifies clear timeframes: critical vulnerabilities in internet-facing services must be addressed within 48 hours, commonly used applications such as office productivity suites, web browsers, email clients and PDF software must be patched within two weeks of release, and all other applications within one month.

For organisations in high-threat environments, the bar is higher still. Meeting these requirements consistently across hundreds of distinct applications deployed across thousands of endpoints is not achievable through manual effort alone.