Business Context Enrichment

PQC readiness is a prioritization problem, not just a discovery problem. Hence, attaching business context to the PQC data in the Quantum Trust Hub inventories is a logical next step, once you have the requisite data. Business context enrichment links your technical assets to business-relevant information from data management systems.

This section introduces the concept of business context enrichment through CMDB integration. By leveraging data from the Configuration Management Database (CMDB), scanned assets and certificates can be associated with relevant business information, enabling improved visibility, ownership tracking, and prioritization based on business impact.

Prerequisites for CMDB Integration

  • CMDB Data Availability
    A functioning Configuration Management Database (CMDB), if available, must contain up-to-date and reliable records. The following attributes may be utilized for enrichment when present:
    • Business Applications
    • Application Owners
    • Business Criticality
    When this data is available, scanned assets or endpoints are mapped to their corresponding business applications to provide contextual relevance.
  • Mapping Criteria Between Scan Results and CMDB Records
    The correlation between scan results and CMDB entries is established using common identifiers. Specifically:
    • IP addresses are used for endpoint and service correlation.
    • Certificate attributes, such as Common Name and Serial Number, are used for certificate-to-application mapping.
    Mapping is performed only when matching identifiers exist between scanned assets and CMDB records, ensuring accurate and reliable associations.

For details on setting up Business Context Integration via CMDB, including the perquisites for the integration, data mapping, and configuration steps, see Integrating CMDB with AppViewX.