Context
The City of Lille, together with Lomme and Hellemmes, runs a particularly vast digital estate: around 5,000 IT devices, more than 10 management and security tools, and several thousand agents. Each tool did its own job well: the problem wasn't a lack of information, but its dispersion. Each team held a piece of the truth, with no global, consolidated and immediately usable view.
The realization came out of the crisis. In the wake of the 2023 cyberattack, one observation stood out: plenty of information, yet real difficulty getting a fast, global, consolidated view of the IS. A challenge sharpened further by the NIS 2 directive. The starting question was simple but unforgiving: do we really know what we have to protect? Knowing your digital estate is a prerequisite for cybersecurity.
Challenges
The organization faced three concrete issues:
Scattered information. Answering a simple question (how many endpoints per site, which devices are protected by the EDR, which assets are vulnerable) meant cross-referencing several sources: AD, ITSM, MDM, EDR, scanners, CMDB. No cross-functional view allowed the whole estate to be queried quickly.
Data discrepancies. The same device appeared in AD, MDM and EDR with different information. Several inventories coexisted, but no single, reliable inventory.
A demanding context. With the ITSM and governance initiatives ramping up, and under post-cyberattack and regulatory (NIS 2) pressure, the need for a reliable repository to build on became a priority.
Why OverView
The City of Lille chose OverView for three reasons: no rebuilding of a new inventory from scratch (leverage what exists rather than replace it); exploit the tools already in place by automatically collecting their data to consolidate repositories; and gain a reliable view of the digital estate quickly, without launching a multi-year project.
Implementation
The project followed five key stages:
- Automatic data collection. Connection to existing repositories and data retrieval via API or flat files. No re-keying, no migration project.
- Repository consolidation. Reconciliation of AD, MDM, EDR, ITSM and scanner data; duplicate identification and a coherent view.
- Contextualization. Visualization of devices by site, building and department, along with critical assets.
- Operational use. Investigations, risk analysis, device search and EDR coverage verification.
- Steering. Building reliable indicators: knowing the estate is no longer enough; the goal becomes steering risk.
Results
| Benefit | Detail |
|---|---|
| Time savings | No more navigating between tools: information is available in a single interface, with 100% of the estate visible |
| Autonomy | Investigations no longer systematically require access to every source tool; exchanges are smoother and dependencies reduced |
| Risk steering | From a static inventory to a true steering tool: identify risk areas, prioritize actions, measure progress and track remediation |
OverView, a common language
Beyond the inventory, the most structural benefit is dialogue. Infrastructure teams see the same information as security teams, and management has a synthetic view that stays consistent with operational reality. Discussions become more factual, trade-offs simpler and priorities easier to understand. It is also a concrete answer to NIS 2 requirements.