Resumen
This work discusses integration of the DBpedia dataset with NVD (National Vulnerability Database) in order to bring some practical results to knowledge management in the field of software security.We have automatically mapped entities (software products and vendors), obtained from CPE (Common Platform Enumeration), with the corresponding elements of DBpedia, through the DBpedia Spotlight service. We have manually reviewed the annotation results and linked them into a semantic model. As NVD uses the CPE entities as a naming scheme for software products, the semantic model allows to identify NVD records, related to software products, mentioned in DBpedia; and can be used to extend DBpedia by vulnerabilities related data, and build advanced security models of software products. All the experimental models in the RDF format and Java-based software have freely been published by the GitHub service.The mapping of NVD with DBpedia based on CPE and DBpedia Spotlight does not seem to be easy. The automatic annotation has suffered from getting general results, instead of specific ones. Also, there is an issue with possibility to choose the most general term in a given sequence. And the last challenge relates to possible incompleteness and inconsistency of the Linked Open Data. It needs to improve annotation techniques in order to involve fully automatic process there.