What is the best procedure to work on Vulnerabilities when the asset IP is always dynamic?

Venkatesh4
Tera Expert

‎02-19-2024 09:29 PM

I'm interested in learning how to effectively we can handle vulnerabilities within ServiceNow, particularly in an environment where asset IP addresses are consistently dynamic.

 

Should our focus solely be on CI lookup rules, disregarding IP addresses and instead attempting to match CIs with other fields such as FQDN, DNS, etc.?

 

 

Labels:
0 Helpfuls
  • 220 Views
1 REPLY 1

Community Alums
Not applicable

‎02-20-2024 12:04 AM

Hi @Venkatesh4 ,

Please refer to these videos, which are the best practices :

https://www.servicenow.com/community/secops-forum/recommended-practices-for-ci-matching-success-cust...

https://www.youtube.com/watch?v=CvHXhFUzC_I

 

How to use dynamic threat information from Recorded Future in your SecOps workflows
How to use dynamic threat information from Recorded Future in your SecOps workflows
youtube.com/watch?v=CvHXhFUzC_I
Recorded Future offers two mature security integrations with ServiceNow SecOps. Learn about moving away from static CVSS scores and automatically prioritizing your vulnerabilities using Recorded Future Risk Rules. Also see the full capabilities for incorporating threat data, enrichment, and risk ...
0 Helpfuls