Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Use discovery models to match software with vulnerabilities

Log in to subscribe to topics and get notified when content changes.

Use discovery models to match software with vulnerabilities

A discovery model is a software model associated with a customer software installation. If your instance uses Software Asset Management or Discovery to search for vulnerable software, you can use discovery models in Vulnerability Response to match software with vulnerable items.

Before you begin

Role required: sn_vul.vulnerability_write


  1. Navigate to Vulnerability > Libraries > Vulnerable Software.
    A list of vulnerable software downloaded from the NVD is shown.
  2. Click a vulnerable software record to open it.
  3. Click the Match discovery model related link.
    A Possible Software Discovery Model pop-up window displays a possible match for the software.
    Possible Software Discovery Models
  4. If the suggestion is correct, click the software name.
  5. If suggestion is not correct, close the pop-up window, click the magnifying glass list icon on the Software discovery match field, and select a discovery model.
  6. Click Confirm Model Auto-Match to confirm that the correct discovery model has been selected.
  7. Click Update to save the record.

    You can also select discovery models for multiple records from the Vulnerable Software list. Select the check boxes for the records you want to match to a discovery model. Then select Match discovery model from the Actions on selected rows choice list.

    If you match discovery models from the list, review each of the matched discovery models to ensure that they are correct. To confirm that the discovery models are correct, open the record where the model was matched. Then click the Confirm Model Auto-Match link at the bottom of the form.

    As each record is confirmed, the Auto-Matched Discovery Model and Auto-Match Confirmed check boxes are selected. The Vulnerable Items related list displays the vulnerable items discovered for this software.