Device Inventory Compliance

  • Published on Mar 25, 2026
  • 2 minute(s) read
Prev Next

WHAT IS DEVICE INVENTORY COMPLIANCE AND WHY IS IT IMPORTANT?

Device Inventory Compliance is the process of actively tracking all enterprise IT devices. These may include on-site, co-located, or cloud-based servers and storage, end-user devices, network equipment, Internet of Things (IoT) devices, and others. In addition to creating a comprehensive inventory of all devices, various data points describing the devices may also be mandated as specified in the organization’s cybersecurity policy. These typically include items such as a unique identifier for the device (e.g., hostname, serial number, etc.), the business owner of the device, the contact for device support, criticality of the device to the organization’s mission, or if the device is authorized to connect to the organization’s network.

Understanding the devices connected to and used by the organization is an essential prerequisite to being able to protect them, and to detect and remediate any issues discovered on the devices.

CONTROLS THIS DASHBOARD REPORTS ON

The Device Inventory Compliance dashboard reports on your organization’s level of compliance with these controls:

NIST CSF v2.0: Subcategory ID.AM-01 Inventories of hardware managed by the organization are maintained

PCI-DSS v4.0.1: Requirement 12.5.1 An inventory of system components that are in scope for PCI DSS, including a description of function/use, is maintained and kept current.

CIS CSC v8.1: Control 1 Inventory and Control of Enterprise Assets, and Safeguard 1.1 Establish and Maintain Detailed Enterprise Asset Inventory

PRIMARY KEY PERFORMANCE INDICATOR (KPI)

The dashboard reports on this Primary KPI:

Numerator: Devices documented with all required fields in the system of record

Denominator: All discovered Devices

The system of record used for the numerator is typically the configuration management database (CMDB). It can also be multiple CMDBs if the organization uses more than one. The “required fields” for devices can be configured and can be based on the organization’s cybersecurity policy.

The denominator will include, in addition to devices in the CMDB, all devices discovered from tools such as vulnerability scanners, infrastructure management solutions, endpoint protection and response, and others.

COLUMNS DISPLAYED ON THE DETAIL DASHBOARD

  • Leading: Compliance Status, Hostname, Device DataBee Id, Device Type

  • Compliance: Rule Name, Rule Compliance, Rule Type, Rule Value

  • Identifier: Domain, Environment, HW Info Bios Manufacturer, HW Info Serial Number, IMEI List, IP1, Known Aliases, MAC1

  • Type: OS Name, OS Type, OS Version, Hypervisor, Image Name

  • Location: Location City, Location Country, Region

  • Org Hierarchy: Owner Employee UID, Owner Email Addr, Owner Full Name, Owner Job Title, Owner Name, Owner DataBee Id, Manager, DataBee Id, Manager Email Address, Manager Full Name, Level 2, Level 3, Level 4

  • Time: Device Last Seen By DataBee

  • Source: Discovery

  • Status: CMDB Active Status, CMDB Showing Active, Discovered Active Status, Discovered Owner Status, Inventory Status, Post Active Discovery Status, Post Active Discovery Source, Is Recent Activity

DATA SOURCES USED BY THIS DASHBOARD

  • CDP.DEVICE

  • CDP.USER

  • CDP.ORGANIZATION_HIERARCHY

  • OCSF.INVENTORY_INFO

  • OCSF.CONFIG_STATE(For Discovery field)

  • OCSF.AUTHENTICATION(For Discovery field)

  • CYBER.DISCOVERED_OWNERS

Copyright © 2026 DataBee®, A Comcast Company.
DataBee® is a registered trademark of Comcast.