CAASM Use Case #14: CMDB Reconciliation and Maintenance

Welcome back, digital explorers! 🌐 Is your CMDB a good map of your IT Enterprise? Or are pages missing?

Today, we’re diving into the fourteenth adventure of our Cybersecurity Observability use cases series.

This time, we’re not just dusting off old relics—we’re on a mission to reconcile and maintain the map of your IT environment: the Configuration Management Database (CMDB).

Imagine your CMDB as a treasure map. It’s supposed to show you every nook and cranny of your digital kingdom. But what happens when that map is outdated, incomplete, or just plain wrong?

One outcome is watching your security team flying blind at high speed. Not good when you’re up against cyber threats lurking in the shadows.

But don’t worry! We’re going to turn that old map into a digital masterpiece, using the power of CAASM and Axonius.

CMDB Conundrums: The Incomplete Puzzle

CMDBs are the backbone of IT asset management. They’re supposed to be the single source of truth. But in the fast-paced world of virtual machines and cloud computing, they’re often more like a puzzle with missing pieces.

What’s the problem? Well, for starters, CMDBs rarely capture every asset in your environment:

  • Virtual machines come and go like ships in the night.
  • Cloud instances spin up and disappear before you’ve even had your morning coffee.

And let’s not forget the inconsistencies—different naming conventions, outdated OS versions, or mismatched data fields that leave your CMDB looking more like a guessing game than a reliable resource.

You’re left wondering: How can we secure what we don’t even know exists?

Enter SJULTRA's Cybersecurity Observability Service

This is where Axonius steps in like a superhero, cape and all. 🦸‍♂️ Axonius takes your CMDB and injects it with a dose of CAASM magic. Think of it as turning your treasure map into a high-resolution GPS.

Axonius aggregates data from a galaxy of sources—endpoint agents, identity management systems, network monitoring tools, and more. It deconflicts this data, giving you a crystal-clear view of every asset, user, and cloud instance in your environment. No more missing pieces. Just one unified, accurate CMDB that your security team can actually rely on.

With Axonius, you can finally answer those nagging questions:

  • How many assets are missing from the CMDB?
  • Are there devices marked as disposed in the CMDB but still active in Axonius?
  • Do the device details in the CMDB match the latest data?

Jumping clear of the CMDB pitfalls

CMDBs aren’t just a challenge because they’re incomplete. They’re also fraught with traps. Ever tried running a simple network scan to update your asset inventory?

What with remote work, cloud services, and IoT devices, that's like using a metal detector in a coal mine: it's not going to find everything. Lord only knows what it does have in there.

And some assets just don’t play nice with traditional tools. Maybe they’re hidden behind layers of network security, or they’ve gone silent and aren’t communicating. These are the gaps that leave your CMDB full of holes—and your network full of risks.

But with Axonius, you can dig deeper. It’s like having a treasure map that updates in real-time, showing you every hidden asset and every discrepancy.

Tools of the Trade: Essential Data Sources

Once we’ve got Axonius set up (remember, SJULTRA offers a free 30-day trial), we can start to fill in the gaps on the maps so future explorers can find that treasure (and those poor high-flying security folks can avoid the clouds!).

To keep your CMDB accurate, you need to connect to the right data sources. Here’s where to start:

  • CMDB Platforms: ServiceNow, Cherwell, Lansweeper.
  • Identity Access Management: Microsoft Active Directory.
  • MDM/EMM Solutions: Absolute, Citrix XenMobile, Jamf.
  • Configuration & Patch Management: Microsoft SCCM, Tanium.
  • Endpoint Protection: EDR/EPP tools.
  • Networking Tools: Monitoring systems to spot new devices.
  • Vulnerability Assessment Tools: Identify known vulnerabilities.
  • Cloud & Virtualization: Ensure your cloud assets are counted.

Devices seen in the last 30 days but not in the CMDB

A simple and useful way to reconcile differences between Axonius and CMDB platforms is to query for devices that Axonius has seen within a given timeframe but that have never been seen by a CMDB adapter source (in this case, ServiceNow).

Find devices not listed in the CMDB

One of the beauties of Axonius is the access to > 1,000 adapters (therefore, data sources) and its ability to reconcile them and let us query them.

We can use this to check “what’s out there” in the IT landscape, using different tools, then check “what’s in there” in the CMDB — what’s the gap/difference?
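The gap check described above, together with the earlier questions about disposed-but-active devices and mismatched details, sketched as an added example (not Axonius or SJULTRA code). The record layout, field names, adapter labels and sample data are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

NOW = datetime(2024, 9, 30, tzinfo=timezone.utc)  # fixed "now" for reproducible results

# Constructed sample: correlated asset records as an aggregation platform might
# export them. Field names ("adapters", "last_seen", "os") are hypothetical.
ASSETS = [
    {"hostname": "WEB-01.corp.example", "adapters": ["edr", "servicenow"],
     "last_seen": "2024-09-29", "os": "Ubuntu 22.04"},
    {"hostname": "vm-build-7", "adapters": ["aws"],
     "last_seen": "2024-09-28", "os": "Amazon Linux 2"},
    {"hostname": "lab-old-3", "adapters": ["ad"],
     "last_seen": "2024-06-01", "os": "Windows 10"},
    {"hostname": "hr-lt-22", "adapters": ["edr", "servicenow"],
     "last_seen": "2024-09-30", "os": "Windows 11"},
]
# Constructed sample: CMDB configuration items, named the way the CMDB names them.
CMDB = [
    {"name": "web-01", "status": "installed", "os": "Ubuntu 20.04"},
    {"name": "HR-LT-22", "status": "disposed", "os": "Windows 11"},
]

def norm(name):
    """Absorb naming-convention drift: lowercase and drop the DNS suffix."""
    return name.strip().lower().split(".")[0]

def seen_recently(asset, days=30):
    seen = datetime.strptime(asset["last_seen"], "%Y-%m-%d").replace(tzinfo=timezone.utc)
    return NOW - seen <= timedelta(days=days)

def reconcile(assets, cmdb, cmdb_adapter="servicenow", days=30):
    cis = {norm(ci["name"]): ci for ci in cmdb}
    report = {"missing_from_cmdb": [], "disposed_but_active": [], "os_mismatch": []}
    for asset in assets:
        if not seen_recently(asset, days):
            continue  # outside the timeframe; stale records are a separate clean-up
        key = norm(asset["hostname"])
        if cmdb_adapter not in asset["adapters"]:
            report["missing_from_cmdb"].append(key)  # seen, but never by the CMDB
            continue
        ci = cis.get(key)
        if ci is None:
            continue  # CMDB adapter reported it under a name we cannot match
        if ci["status"] == "disposed":
            report["disposed_but_active"].append(key)
        elif ci["os"] != asset["os"]:
            report["os_mismatch"].append((key, ci["os"], asset["os"]))
    return report
```

Normalizing hostnames before matching matters here: without it, `WEB-01.corp.example` and `web-01` would be counted as two different assets and the OS drift would go unreported.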

Update the CMDB with Axonius data

So let’s stop pointing out all the problems with the CMDB and instead help to fix some.

When devices that should be added to your CMDB are found in Axonius, you can automatically add them using the Create CMDB Computer action under the Manage CMDB Computer category in the Axonius Security Policy Enforcement Center.

Any time a saved query provides new results, they can automatically be added to the CMDB using this enforcement. When additions are made to the CMDB, you can specify the CI table where they will be added, and specify additional fields to be added in JSON format.

Summary

People like me have been moaning about CMDBs since about 2004 when virtualization was starting to take over datacenters and we realized how unreliable CMDBs were — so we had to do huge IT estate scans…

…but with Axonius, that’s a thing of the past. It only took me 20 years to find it…. DAMN! 🙂

And don’t forget our no catch, no cost, no obligation, limited time free Axonius trial offer.

Axonius documentation and Videos

Read the Axonius documentation: Identifying and prioritizing vulnerabilities