Ivanti nZTA device vulnerability risk detected

This rule is part of a beta feature. To learn more, contact Support.
ivanti-nzta
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Goal

Identify cases where a device is assigned a Vulnerability Risk Rating (VRR) of Critical, High, Medium, or Low. This helps detect potential security risks and prioritize remediation efforts.

Strategy

This rule monitors vulnerability risk ratings reported by Ivanti nZTA. Devices with higher risk ratings may indicate unpatched software, misconfigurations, or exposure to known security threats.

Triage and Response

  1. Identify the affected device {{@source_name}} and its Vulnerability Risk Rating (VRR) (Critical, High, Medium, or Low).
  2. Review the specific vulnerabilities associated with the rating and assess their potential impact
  3. Verify if the device {{@source_name}} is running outdated software, missing security patches, or has misconfigured settings.
  4. If the risk is Critical or High, prioritize remediation actions such as applying patches, restricting network access, or increasing monitoring.
  5. If the risk is Medium or Low, schedule remediation according to security policies while ensuring minimal business disruption.