Currently we are seeing some non-ephemeral servers also getting identified through Cloud CI lookup rule as Virtual Machine Instances.
To properly separate ephemeral and non-ephemeral assets, we need some guidance from your infrastructure/cloud team on how these assets are identified in your environment.
Can you please help us understand:
how ephemeral assets are differentiated in Tenable/cloud sources
whether any tags, naming conventions, autoscaling indicators, VDI non-persistent flags, or Kubernetes/container identifiers are available
and what attributes should be used to identify persistent vs temporary assets
This will help us make sure:
