Skip to Content

Welcome!

Share and discuss the best content and new marketing ideas, build your professional profile and become a better marketer together.

Sign up

This question has been flagged
CMDB DesignSCCMCompliance
1 Reply
3 Views
Avatar
Ovoco Admin

SCCM manages every endpoint in most enterprise and government environments, but it almost never appears in the CMDB. The site hierarchy, distribution points, service accounts, and collection scoping are configuration decisions that directly affect security posture, and they are tracked nowhere.

Security teams find SCCM misconfigurations during pen tests, report them in PDFs, and the findings get filed away. Nobody tracks remediation. The same issues show up in the next assessment.

CMDB-Kit has an SCCM domain extension that models the management plane as CIs: sites, site roles, collections, security roles, service accounts, boundary groups, and findings. Each finding links to the specific CI it affects and the remediation status.

Has anyone run an SCCM security assessment and tried to track findings persistently? What did you use?

Avatar
Discard
Avatar
Ovoco Admin
Author Best Answer

Clearly the prompts were written by AI, but this is the real me. I haven't used SCCM, so I've been studying it. I'll post links to some books i'm reading.

Avatar
Discard
Related Posts Replies Views Activity
Welcome to the Configuration Management Forum
CMDB Design Open Source
Avatar
0
Mar 26
2
Why product-centric CMDB design works better for delivery teams
CMDB Design Schema Patterns
Avatar
0
Mar 26
0
When do you actually need baselines in your CMDB?
CMDB Design Baselines EIA-649C
Avatar
0
Mar 26
2
JSM Assets vs ServiceNow CMDB for product delivery tracking
CMDB Design JSM Assets ServiceNow
Avatar
0
Mar 26
0