Whitelisted / Authorized software tracking in SAM/CMDB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2025 11:54 PM
Dear Community,
Our whitelisted software is registered in CMDB (cmdb_ci_service table).
So, all applications / services registered here is considered whitelisted to be used, and users can deploy them.
At the same time we have SAM Pro to discover all our installed applications (ServiceNow Discovery + ACC Agent + Intune)
Question:
Any ideas or best practises how to match CMDB Whitelist with discovered deployed software? Our end goal is to have report where we have discovery models/or software installations and mark it as Authorized or Unauthorized. We understand it might require some manual work due to normalization of product names etc. Has anybody done similar exercise ?
Thanks for ideas,
Mantautas.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-28-2025 02:19 AM
Hi @Mantautas Suggestion from me:
- You have to match CMDB Whitelist with discovered deployed software bassed on the Attributes registered in CMDB (cmdb_ci_service table).
- You can also discovered software data goes through the Normalization Process, Normalization Rules, that can be help align software discovered by all applications (ServiceNow Discovery + ACC Agent + Intune).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-09-2025 12:09 AM
Hi @Mantautas,
SAM Pro Software Models contains of two fields „Certified“ and „Restricted“ for this use case. Please check the following docs article about SAM and TPM. Based on the linked software product you could update the fields based on your whitelist
Best, Dennis