Difference between last scan in discovered item and Last found in Vulnerable item in servicenow?

jugantanayak
Tera Guru

‎01-16-2024 06:30 AM

Hi,

 

Anyone can please help me to understand the difference between last scan in discovered item and Last found in Vulnerable item in servicenow?

 

Thanks in advance.

 

Regards,

Juganta

0 Helpfuls
  • 1,380 Views
2 REPLIES 2

Tushar
Kilo Sage
Kilo Sage

‎01-16-2024 06:43 AM

Hi @jugantanayak 

 

 

Last Scan in Discovered Item:

  • This field refers to the latest date and time a scanner detected an asset (e.g., server, device) and added it to the CMDB (Configuration Management Database) as a discovered item.
  • This doesn't necessarily mean a vulnerability was found on the asset. It simply indicates the asset was identified and tracked within the system.

Last Found in Vulnerable Item:

  • This field refers to the latest date and time a specific vulnerability was detected on an asset.
  • It reflects the most recent scan or update that identified the vulnerability's presence on the asset.

for eg -

 

  • An asset was scanned on Jan 10th and added to the CMDB as a discovered item. (Last scan = Jan 10th)
  • A separate vulnerability scan on Jan 15th detects a specific vulnerability (Vulnerability A) on the same asset. (Last found for Vulnerability A = Jan 15th)
  • Another vulnerability scan on Jan 20th detects a different vulnerability (Vulnerability B) on the same asset. (Last found for Vulnerability B = Jan 20th)

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

Tushar
Kilo Sage
Kilo Sage

‎01-16-2024 06:44 AM

To summarize - "Last Scan" in Discovered Items is related to the general discovery and update process of configuration items, while "Last Found" in Vulnerable Items specifically focuses on the identification and detection of vulnerabilities on those items.

 

Thanks,

Tushar

0 Helpfuls