Improving Vendor Name Matching - PAS Integrity Software Suite - 7.3 - Help - Intergraph

Integrity Help

Language
English
Product
PAS Integrity Software Suite
Subproduct
Cyber
Search by Category
Help
PAS Version
7.3

Vendor names can vary, such as Microsoft and Microsoft Corporation. The Vulnerability Matching window allows you to indicate that both of these values indicate the same vendor. By associating multiple versions of vendor names that indicate the same vendor, the vulnerability matching can be completed more accurately. Cyber Integrity provides default rules to handle many common name variations, such as company names with and without corporation or Inc. These default rules address most matching rules you need.

Another case is when one vendor is purchased by another vendor. You might want to associate the two vendor names with each other, since the product could be associated with either vendor name.

  • When you finish refining the matching rules, be sure to Save your changes. If you close the window or navigate to a different page without saving your changes, the changes are discarded.

  • To modify the matching rules, you must have the ConfigMgr or Administrator role.

To refine vendor name matching rules:

  1. Open the Cyber Integrity web interface.

  2. Click Vulnerabilities > Matching in the left navigation bar.

  3. In the View by field, select how you want to view matches:

    • CPE - lists the structured naming scheme values from the NVD in the left column of each section and allows you to select values from the Integrity inventory that should match the NVD value.

    • CPE - Limited to ICS-CERT - lists the structured naming scheme values from the NVD in the left column of each section and allows you to select values from the Integrity inventory that should match the NVD value. The NVD data is limited to entries linked to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

    • Inventory - lists Integrity inventory values in the left column of each section and allows you to select values from the CPE entries in the NVD that should match the inventory value.

    • Inventory - Limited to ICS-CERT - lists Integrity inventory values in the left column of each section and allows you to select values from the CPE entries in the NVD that should match the inventory value. The NVD data is limited to entries linked to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). This option is the default view.

  4. Click Vendors to expand the Vendors section of the window.

    If you chose View by: Inventory, the left column lists the vendor names from the Integrity inventory. If you chose View by: CPE, the left column lists the vendor names from the NVD.

  5. Select a vendor name in the left Vendors column for which you want to adjust the matching rules.

    The Confirmed Matches column lists the vendor names that are considered matches based on the existing rules. The Potential Matches column lists the vendor names that are possible matches, but are not considered matches based on the existing rules.

  6. If you want to remove a confirmed match, select the vendor name in the Confirmed Matches column, and then click the right arrow (>) button.

  7. If you want to add a confirmed match, select the vendor name in the Potential Matches column, and then click the left arrow (<) button.

  8. If you want to add a confirmed match that is not listed in the Potential Matches column, complete the following steps:

    1. Click the Add a match manually button above the left arrow (<) button.

    2. Click the vendor you want to add as a confirmed match, and then click Add.

    3. Click Close. The vendor you selected is now listed in the Confirmed Matches column.

  9. Click Save.