Ivanti nZTA device vulnerability risk detected

This rule is part of a beta feature. To learn more, contact Support.
ivanti-nzta
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Goal

Identify cases where a device is assigned a Vulnerability Risk Rating (VRR) of Critical, High, Medium, or Low. This helps detect potential security risks and prioritize remediation efforts.

Strategy

This rule monitors vulnerability risk ratings reported by Ivanti nZTA. Devices with higher risk ratings may indicate unpatched software, misconfigurations, or exposure to known security threats.

Triage and Response

  1. Identify the affected device {{@source_name}} and its Vulnerability Risk Rating (VRR) (Critical, High, Medium, or Low).
  2. Review the specific vulnerabilities associated with the rating and assess their potential impact
  3. Verify if the device {{@source_name}} is running outdated software, missing security patches, or has misconfigured settings.
  4. If the risk is Critical or High, prioritize remediation actions such as applying patches, restricting network access, or increasing monitoring.
  5. If the risk is Medium or Low, schedule remediation according to security policies while ensuring minimal business disruption.