Built something you're proud of? Tell the story. A quick G2 review of App Engine or Build Agent helps other developers see what's possible on ServiceNow. Share your experience.

What is the best procedure to work on Vulnerabilities when the asset IP is always dynamic?

Not applicable

‎02-19-2024 09:29 PM

I'm interested in learning how to effectively we can handle vulnerabilities within ServiceNow, particularly in an environment where asset IP addresses are consistently dynamic.

 

Should our focus solely be on CI lookup rules, disregarding IP addresses and instead attempting to match CIs with other fields such as FQDN, DNS, etc.?

 

 

Labels:
0 Helpfuls
  • 484 Views
1 REPLY 1

Not applicable

‎02-20-2024 12:04 AM

Hi @Community Alums ,

Please refer to these videos, which are the best practices :

https://www.servicenow.com/community/secops-forum/recommended-practices-for-ci-matching-success-cust...

https://www.youtube.com/watch?v=CvHXhFUzC_I

 

How to use dynamic threat information from Recorded Future in your SecOps workflows
How to use dynamic threat information from Recorded Future in your SecOps workflows
youtube.com/watch?v=CvHXhFUzC_I
Recorded Future offers two mature security integrations with ServiceNow SecOps. Learn about moving away from static CVSS scores and automatically prioritizing your vulnerabilities using Recorded Future Risk Rules. Also see the full capabilities for incorporating threat data, enrichment, and risk ...
0 Helpfuls