Shadow IT: Application & Plugin Visibility and Risk Grading
Shadow IT is a powerful new compliance-focused feature within CYRISMA that enables visibility into all applications and plugins installed across systems within a customer environment—including laptops, desktops, servers, and mobile devices. This insight helps organizations enforce security policies, reduce risk exposure, and maintain compliance with internal or regulatory requirements.
Why It Matters
Without proper visibility into installed applications across client systems, organizations face significant challenges:
- Security risks from unapproved or outdated software
- Compliance gaps from missing software controls
- Operational inefficiencies in inventory management
With Shadow IT, CYRISMA bridges this gap by giving you a clear, risk-graded view of installed applications across all endpoints.
Key Benefits
✅ Categorized Application Inventory
Easily view what software is installed on which devices. All software is automatically categorized to simplify asset tracking.
✅ Customer-Specific Insights
All data is scoped per instance, allowing MSPs and clients to view software trends within their unique environment.
✅ Risk Grading
Each installed application is assigned a risk level (Low, Medium, High) based on type, behavior, and known vulnerabilities—so you can prioritize remediation and compliance enforcement.
How It Works
Once enabled, CYRISMA scans across endpoints within a customer instance. The system collects metadata on installed software and plugins, which is then:
- Categorized into logical groupings (e.g., Business Applications, Drivers, Development Tools).
- Scored using CYRISMA’s internal risk engine.
- Displayed in a visual dashboard that highlights high-risk software and affected systems.
Where to Find It
You can access the Shadow IT dashboard under the Compliance tab → Shadow IT.

From here, you can:
- See the total number of scanned targets and categories
- View the top 5 software categories by installation count

Featured Software and Plug-In Categories include:
- All-in-One Collaboration Suites
- Browser-based Collaboration (Lightweight tools)
- Business Applications
- Consumer-Oriented Cloud Storage (Also used in SMBs)
- Database Tools
- Development Tools
- Email & Secure Messaging
- End-to-End Encrypted / Privacy-Focused Storage
- Enterprise Cloud Storage Platforms
- Gaming
- Hardware & Drivers
- Live Chat, Sales, & Customer Engagement
- Media & Design
- Messaging & Team Chat
- Other (Netflix, Twitter, Torrenting Apps)
- Productivity Tools
- Remote Access & Remote Support Tools
- Security Software
- Self-Hosted / Private Cloud Solutions
- Specialized Cloud Backup & Archival
- System Utilities
- Video Conferencing & Virtual Meetings
- Virtualization
- VoIP & Unified Communications
On the top right-hand side of the page, you can change the default risk profile setup.


Overview of Target Risk Profiles

- In this section, you can click on a target to view the number of different software titles discovered in your categories, along with a separate column for your high-risk categories.

- When viewing the software or plug-in category on a specific machine, you can see the software name, version, and software category.
- Explore the top 5 risky applications and systems
- Drill into a specific target to view its software inventory and risk grades
Example Use Cases
- MSPs identifying risky business applications across client systems
- Security teams reviewing plugin usage for potential exploitation
- Compliance officers validating approved software use across departments
FAQs
Q: Does Shadow IT scan browser plugins or only installed software?
A: Shadow IT scans both installed software and browser plugins, depending on agent permissions and configuration.
Q: How is the risk level of an application determined?
A: Risk levels are calculated based on vendor reputation, update frequency, exploit history, and other telemetry sources integrated into CYRISMA’s risk engine.
Q: Can I export reports based on this data?
A: Yes, software inventory and risk profiles can be exported into formatted reports for audits or compliance documentation.