Get a first look at what's coming. The Developer Passport Australia Release Preview kicks off March 12. Dive in! 

What is the best procedure to work on Vulnerabilities when the asset IP is always dynamic?

Not applicable

‎02-19-2024 09:29 PM

I'm interested in learning how to effectively we can handle vulnerabilities within ServiceNow, particularly in an environment where asset IP addresses are consistently dynamic.

 

Should our focus solely be on CI lookup rules, disregarding IP addresses and instead attempting to match CIs with other fields such as FQDN, DNS, etc.?

 

 

Labels:
0 Helpfuls
  • 427 Views
1 REPLY 1

Not applicable

‎02-20-2024 12:04 AM

Hi @Community Alums ,

Please refer to these videos, which are the best practices :

https://www.servicenow.com/community/secops-forum/recommended-practices-for-ci-matching-success-cust...

https://www.youtube.com/watch?v=CvHXhFUzC_I

 

How to use dynamic threat information from Recorded Future in your SecOps workflows
How to use dynamic threat information from Recorded Future in your SecOps workflows
youtube.com/watch?v=CvHXhFUzC_I
Recorded Future offers two mature security integrations with ServiceNow SecOps. Learn about moving away from static CVSS scores and automatically prioritizing your vulnerabilities using Recorded Future Risk Rules. Also see the full capabilities for incorporating threat data, enrichment, and risk ...
0 Helpfuls