Ivanti nZTA device vulnerability risk detected

This rule is part of a beta feature. To learn more, contact Support.
ivanti-nzta
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Goal

Identify cases where a device is assigned a Vulnerability Risk Rating (VRR) of Critical, High, Medium, or Low. This helps detect potential security risks and prioritize remediation efforts.

Strategy

This rule monitors vulnerability risk ratings reported by Ivanti nZTA. Devices with higher risk ratings may indicate unpatched software, misconfigurations, or exposure to known security threats.

Triage and Response

  1. Identify the affected device {{@source_name}} and its Vulnerability Risk Rating (VRR) (Critical, High, Medium, or Low).
  2. Review the specific vulnerabilities associated with the rating and assess their potential impact
  3. Verify if the device {{@source_name}} is running outdated software, missing security patches, or has misconfigured settings.
  4. If the risk is Critical or High, prioritize remediation actions such as applying patches, restricting network access, or increasing monitoring.
  5. If the risk is Medium or Low, schedule remediation according to security policies while ensuring minimal business disruption.