There's a feature in Vulnerability Response that was released in V18.0 where you can reapply CI Matching Rules after the Source Data is updated on a Discovered Item. What this means is that when your vulnerability scanner gives new Source Data, it can be configured to rerun the CI Matching Rules overnight. If there is enough new information in that Source Data to match a CI in your CMDB, it will match through our normal process and make the subsequent changes within Vulnerability Response.
The case where this is most appropriate is when the scanner initially completes an unauthenticated scan and returns insufficient data for a match within the CMDB. When a subsequent full or agent scan happens that will provide additional information, we can use this process to look into the CMDB for a proper match.
To use this process, the system admin will need to enable the scheduled job called "Re-apply CI Lookup Rules on the Changed Discovered items." By default it's inactive. It's preferred to run this as a nightly process and would be best if it's schedule doesn't coincide with the scanner integration processes.
