THE PROBLEM
Software inventory is fragmented: package data says one thing, CPE fingerprints say another, and neither tells the whole story. Teams can't see version sprawl, can't spot end-of-life exposure before it becomes unpatchable, and can't answer the simplest board question: "which product is dragging the most risk?"
WHAT IT DOES
Mimir merges the software and CPE inventories into one unified product map, with a source delta metric showing what each source missed, then enriches it with endoflife.date lifecycle data, flags crown-jewel software, builds a "behind latest" worklist, and ranks a risk leaderboard by KEV and critical exposure.
KEY CAPABILITIES
- Merged product map with source badges: reconciles the software and CPE inventories into one product list, each row badged with which source saw it, and a delta metric that quantifies what either source alone would have missed.
- Version-sprawl, most-deployed, and single-install views: instantly spot the product running fourteen versions, the package on half the estate, and the one-off install nobody owns.
- EOL detection + tags: endoflife.date lifecycle status lands directly on your inventory, before end-of-life becomes an audit finding or an unpatchable CVE.
- Crown-jewel software flags: role-based ACR suggestions raise the criticality of assets running the software the business depends on, feeding the pack's shared priority currency.
- Risk leaderboard: products ranked by the KEV and critical exposure they drag into the estate, so patching effort lands where risk actually concentrates.
- Gated tags + CSV export: every finding becomes a proposed, human-approved tag or an exportable worklist ready for the patch team.
HOW IT WORKS
Mimir runs against the local navi.db built from your Tenable data: the software and cpes tables reconciled into one map, enriched by a cached endoflife.date lifecycle feed, with the vulns table supplying risk. All writes are proposed, human-approved, and logged.
WHY IT'S DIFFERENT
- Two inventory sources reconciled, with a delta metric: Mimir finds what either source alone misses, and tells you how big the gap is.
- Lifecycle + risk in one view: EOL status and KEV exposure on the same row, instead of two spreadsheets and a prayer.
- Feeds the pack: its product map powers EOL tagging, AI discovery, and attack-path software evidence downstream.
- Gated, reviewable writes: Mimir proposes tags and ACR suggestions; a human approves.
PROOF POINTS
- In a reference environment of 268 assets, Mimir reconciled:
  - ~28,700 software rows and ~43,700 CPE rows into a single unified product map, with source badges showing exactly which inventory contributed each product.
Illustrative results from a demo lab, not a guarantee. Inventory depth depends on scan coverage; blind or uncredentialed hosts are called out, not hidden.
WORKS BETTER WITH
Mimir feeds Charon (EOL tagging from lifecycle data), Anubis (crown-jewel software → ACR calibration), Pythia (AI apps surfaced in CPEs), and Fenrir (exploitable software as attack-path evidence).
WHO IT'S FOR
Vulnerability management teams who need risk-ranked patching; IT asset managers reconciling inventories; patch teams that want one worklist instead of three exports.
CALL TO ACTION
Ask Mimir what's really installed: the well remembers everything.