Ivanti nZTA device vulnerability risk detected

This rule is part of a beta feature. To learn more, contact Support.
ivanti-nzta
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Goal

Identify cases where a device is assigned a Vulnerability Risk Rating (VRR) of Critical, High, Medium, or Low. This helps detect potential security risks and prioritize remediation efforts.

Strategy

This rule monitors vulnerability risk ratings reported by Ivanti nZTA. Devices with higher risk ratings may indicate unpatched software, misconfigurations, or exposure to known security threats.

Triage and Response

  1. Identify the affected device {{@source_name}} and its Vulnerability Risk Rating (VRR) (Critical, High, Medium, or Low).
  2. Review the specific vulnerabilities associated with the rating and assess their potential impact
  3. Verify if the device {{@source_name}} is running outdated software, missing security patches, or has misconfigured settings.
  4. If the risk is Critical or High, prioritize remediation actions such as applying patches, restricting network access, or increasing monitoring.
  5. If the risk is Medium or Low, schedule remediation according to security policies while ensuring minimal business disruption.