Standard verticalizations

CMDBuild READY2USE Logo

Application already configured for the IT Governance management, ITIL compliant


openMAINT Logo

Application already configured for the Property and Facility Management and Maintenance Processes

CMDBuild Newsletter nr. 106

SEPTEMBER 2025

CMDBuild 4.1 Release is Now Available!

CMDBuild Newsletter nr. 106

We are excited to announce that on September 26th the CMDBuild 4.1 version has been released, which also includes the corresponding cores of openMAINT and CMDBuild READY2USE.

This new release introduces new features, improvements and bug fixes designed to enhance the overall user experience.

Here is the list of new features and enhancements:

Maps

  • Ability to maintain position and zoom when switching between classes
  • Ability to obtain coordinates by clicking on the map
  • Ability to define a thematic map as private
  • Added column filter for grid in the lists section
  • Improved import of GIS templates

Performance and Security

  • Security improvements in REST web services
  • Faster grid loading
  • Optimizations for Kubernetes

Usability and Administration

  • Management of the selected card via info button in the navigation tree
  • Management of uniqueness of relationships with attributes between two cards
  • Improved bulk download of attachments, even for large volumes
  • Added button on the login page to display application information
  • Improved management of enabled languages in the administration module
  • Added saving of data import statistics
  • Refinements on the plugin page and various administration modules

Internationalization

  • Improved management of error translation

Other Changes

Additional features/plugins not released as Open Source include:

  • Data Model Synchronization: a plugin for creating and modifying the data model via JSON. The functionality is available both from the command line and from the administration module
  • Mobile offline: improvements and fixes
  • Mobile app: various bug fixes

Data Model Synchronization: advanced Data Model Management

CMDBuild Newsletter nr. 106

The new Data Model Synchronization plugin, available in Subscription mode for CMDBuild, CMDBuild READY2USE and openMAINT, introduces a structured mechanism to simplify the management and alignment of the data model across different environments.

Purpose

Many customers work with test or development environments where customizations are created and later need to be moved into production. Until now, this process required manual updates or dedicated SQL scripts. Data Model Synchronization eliminates these issues by automating operations and reducing the risk of inconsistencies.

How It Works

The plugin implements a three–step workflow:

  1. Export the data model in JSON format
  2. Diff between the JSON model and the current database structure
  3. Selective merge of the changes into the existing data model

This allows controlled transfer of new tables, attributes, domains, and other structural changes.

Administration Interface

In addition to command line usage, the plugin is now accessible through a dedicated page in the administration module. Administrators can view the list of detected differences and decide precisely which changes to apply, ensuring a transparent and customizable process.

Integration with Plugin Manager

The same Data Model Synchronization functionality is also used by the Plugin Manager to automatically apply the patches required for the proper functioning of installed plugins, ensuring data model consistency and minimizing manual tasks.

Operational Benefits

  • Structured management of data model changes
  • Elimination of manual SQL patches
  • Granular selection of modifications to be applied
  • Automation of plugin update processes as well

With Data Model Synchronization, CMDBuild provides administrators with a powerful tool to safely govern the evolution of the data model.

ITAM and CMDB: Capabilities for Cybersecurity Required by NIS2

CMDBuild Newsletter nr. 106

In the context of cybersecurity, effective IT asset management means being able to continuously and in real time identify an organization’s technological assets and all their interdependencies.

The new European directive NIS2 requires organizations to adopt a structured approach to IT Asset Management, with the goal of reducing cyber risks stemming from digital transformation. In Italy, the ACN (National Cybersecurity Agency) defines domains, practices, objectives, and capabilities, dedicating a specific section to Asset Management—the set of activities that enable the identification, classification, configuration, and protection of assets.

The aim is to secure all organizational assets, especially IT ones, through processes that:

  • identify which assets need protection and where they are located,
  • monitor changes and updates,
  • ensure integrity and traceability.

Key Capabilities

To develop the capabilities required by NIS2, organizations need to focus on a few core activities:

  1. Asset Inventory Creation and Update – clearly track all assets with their key attributes (location, owner, software version, etc.), ensuring the inventory is regularly reviewed and kept up to date.
  2. Asset Classification – assess the criticality and strategic importance of each asset, identifying the most sensitive ones.
  3. Configuration Management – maintain the integrity of hardware, software, and firmware through baselines and structured Configuration Management processes.

Technology Support

The cooperation between ITAM and CMDB is essential to comply with NIS2 requirements. This is where CMDBuild comes into play, enabling organizations to:

  • create a detailed, real-time updated inventory of hardware, software, and data assets,
  • map Configuration Items (CIs) with complete details on location, suppliers, and assignments,
  • visually represent dependencies and relationships between assets and CIs.

With these capabilities, CMDBuild helps organizations implement ITAM programs aligned with NIS2, strengthening their cybersecurity posture.

In a Zero Trust scenario, visibility, knowledge, and monitoring are the first lines of defense against malicious attacks.