SAM NVD vulnerability detection

Software Asset Management (SAM), working with discovery tools, creates records listing installed software within your network. The National Vulnerability Database (NVD) information indicates which versions of software have known vulnerabilities. SAM NVD vulnerability detection combines this information to track Vulnerabilities within your system.

It is best practice to start with a limited subset of vital configuration items and high priority vulnerabilities. Use the filters to select only those CIs or vulnerabilities you want to monitor for vulnerabilities. Otherwise, every CI and vulnerability in your system is included in the scan.

The following business rules have been created or updated with the new settings.

Table 1. Business rules changes and additions
Business rule Description
Insert vulnerable item

[cmdb_sam_sw_install]

Updated to run only when SAM NVD vulnerability detection is enabled and adheres to any CI and Vulnerability filters.
Determine vulnerable items

[sn_vul_software]

Updated to run only when SAM NVD is enabled and adheres to any CI and Vulnerability filters.
Store values to system properties

[sn_vul_sam_config]

Saves configuration from the Configure SAM NVD module to System Properties.
SAM+NVD settings update

[sn_vul_sam_config]

Rechecks for vulnerable items when Configure SAM NVD settings are updated.