Unauthorized software install

We recently had an audit and one of the recommendations was to monitor the network for unauthorized software install.  We have several Solarwinds products and I'm hoping one of these will fit the bill.

We have:





If there is anyone that would have a suggestion.  The only document I could find on THWACK was an old document for the SEM when it was still called LEM and this document specified it could only monitor for software that was installed with windows installer and made registry changes.  Items like PUTTY would not be picked up by the monitoring..