Run the National Vulnerability Database integration

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Run the National Vulnerability Database (NVD) integration to import data from the National Institute of Standards and Technology (NIST) NVD product. Running the NVD integration gives you the foundational Common Vulnerabilities and Exposures (CVEs) data referenced by the Microsoft Defender for IoT (Azure) vulnerabilities to help you determine the severity and details of vulnerabilities in your environment.

    Before you begin

    Before you run the NIST NVD integration on your instance, the installation and configuration steps for the integration must be completed. Completing the installation and configuration ensures that the NVD product properly integrates with the Operational Technology Vulnerability Response application.

    To install the NVD plugin, see Install the Vulnerability Response Integration with the NIST National Vulnerability Database.

    Role required: admin

    Procedure

    1. Navigate to All > Azure D4IoT Vulnerability Integration > Admin > Guided Setup.
    2. In the Configure Integration section, select Configure next to the Import National Vulnerability Database (NVD) CVE Entries task.
    3. Depending on which is active, select either the NIST NVD integration - API (CVE only) record or the NIST National Vulnerability Database Integration – API (CVE and CPE) record.
      Note:
      The NIST NVD integration - API (CVE only) record is most commonly active by default.
      NIST National Vulnerability Database Integration - API CVE only record.
    4. To edit the record, set the Application scope to Vulnerability Response Integration with NVD using the globe (Globe icon) icon.
    5. In the Import Since field under the Integration Details tab, set the value to a date in the past.
      Note:
      This is required so a full import of the NVD occurs. The recommended date is 1999-01-01 00:00:00.
    6. Select Save.
    7. Select Execute Now.