Exploit details in the risk calculator

Go to solution
Bla_ena
Tera Contributor

‎12-06-2022 03:19 AM

Hi,

1) Does integrating Shodan with ServiceNow VR have any added value if we're integrating Qualys which already provides the exploit information(Exploit exists, Skill level and Attack vector)?

2) The Default risk calculator in ServiceNow is using the Vul Severity(in our case the Qualys severity) and the exploit details to calculate the risk score. Again, does it have any added value to give the exploit details any weight if Qualys already incorporated those details in its severity? (one advantage would be an option to increase the weight of a specific exploit detail even more than the Qualys did. But apart from that?)

 

Thank you.

0 Helpfuls
  • 542 Views
1 ACCEPTED SOLUTION

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎12-09-2022 05:51 AM

Bla,

(1)Yes. As a matter of fact, you can implement Shodan in Qualys to enhance your results:

https://qualysguard.qg2.apps.qualys.com/am/csamHelp/inventory/sensors/shodan.htm#:~:text=If%20you're....

Shodan brings additional intelligence to bear.

Please note that Shodan is NOT free:

https://account.shodan.io/billing

The "free" version is limited and not useful for production applications.

 

(2) You are correct; you can choose to increase/decrease the Risk over what Qualys thinks it is. But that seems superfluous. It is better to use the Calculator to add variables that Qualys does not already know about to adjust the Risk. (i.e. CI attributes or 3rd party tools like Shodan)

 

View solution in original post

1 REPLY 1

Go to solution
Chris McDevitt
ServiceNow Employee
ServiceNow Employee

‎12-09-2022 05:51 AM

Bla,

(1)Yes. As a matter of fact, you can implement Shodan in Qualys to enhance your results:

https://qualysguard.qg2.apps.qualys.com/am/csamHelp/inventory/sensors/shodan.htm#:~:text=If%20you're....

Shodan brings additional intelligence to bear.

Please note that Shodan is NOT free:

https://account.shodan.io/billing

The "free" version is limited and not useful for production applications.

 

(2) You are correct; you can choose to increase/decrease the Risk over what Qualys thinks it is. But that seems superfluous. It is better to use the Calculator to add variables that Qualys does not already know about to adjust the Risk. (i.e. CI attributes or 3rd party tools like Shodan)