Discovered Assets data

Discovered Assets data includes a list of assets that Arctic Wolf discovered using one or more of these vulnerability and configuration scans:

  • IVA scans
  • EVA scans

Arctic Wolf retains this data for the last six months.

The Discovered Assets table includes this information:

Note:

The Learned Category and Vendor fields do not populate in this table.

Column

Description

Asset Criticality
A label that helps you prioritize risks based on how critical an asset is to your infrastructure. Possible values are:
  • Unassigned — The default value for all devices.
  • None — Defer risk remediation, for example, because these assets are not interconnected with business systems.
  • Low — Defer risk remediation until higher-priority tasks are completed. These assets are unlikely targets for malicious activity, or have negligible negative impact if compromised.
  • Medium — Monitor for risk escalation. These assets have moderate negative impact if compromised.
  • High — Isolate and limit asset use until remediation. These assets have short-term compensating controls available, or are interconnected with external systems.
  • Critical — Remediate risks immediately. These assets are likely targets for malicious activity.
Tip:

To change this field value, see Edit asset criticality.

Asset Tags
A set of labels that you apply to an asset to assist with risk mitigation planning. An asset can have more than one tag. A tag can be a custom value or one of the following preset options:
  • backup_recovery — An asset that directly or indirectly engages in the preservation of data for the purposes of recovery.
  • gdpr — An asset that, if compromised, would make a business or organization in violation of their GDPR legal responsibilities, as the European Union mandates.
  • iam — An Identity and Access Management (IAM) system that provides users access to resources based on defined roles as policies.
  • internet_facing — An asset that can be reached through the public internet.
  • network_infra — An asset that makes communication between endpoints possible, including routers, switches, and firewalls.
  • pci — An asset that engages in the handling of credit card data, as part of the payment card industry (PCI) data security standards compliance.
  • pii — An asset that engages in the storage, retrieval, and/or processing of data that relates to an identified or identifiable natural person.
  • remote_access — An asset that is configured for remote access, including VPN gateways, and sign-in services. For example, RDP and SSH.
Tip:

To change this field value, see Edit asset tags.

Category

The type of asset. Possible values are Desktop, Server, or Unknown.

Customer

Your customer ID.

Customer UUID

Your unique identifier.

Deployment ID

The ID of the Arctic Wolf appliance that detected this.

Device ID

The unique identifier of the asset.

Note:

This only populates for assets discovered by an IVA scan.

IP Address

The IP address of the asset.

MAC Address

The MAC address of the asset.

Name

The name of the asset.

Note:

This only populates for assets discovered by an IVA scan.

Ports

The ports the asset is connected through.

Note:

This only populates for assets discovered by an EVA scan.

Scan ID

The seven-digit identifier of the scan.

Softwares

A list of common service names discovered on the asset.

Note:

This only populates for assets discovered by an EVA scan.

Tags

The type of scan that discovered the asset. EVA scans are marked with eva and external, and IVA scans are marked with iva.

Timestamp

The time that the asset was detected.