Exposure Management - Assets

The Assets list consolidates host information from all connected Ivanti solutions as well as integrated third-party platforms, giving you a unified and comprehensive overview of all devices, no matter how they were discovered. Use this view to assess your full asset inventory, determine the origin of asset data, and efficiently manage asset exposure. The Assets list aggregates host data from all configured Ivanti connectors and external third-party integrations. This ensures you have a comprehensive view of all devices regardless of their discovery source. The Assets list view will display the devices having exposures.

Sources of Host Data

Host data is gathered from the following sources:

Ivanti Neurons for Discovery and other Ivanti Connectors

• Desktop & Server Management

• Endpoint Manager

• Endpoint Security

• Patch for Config Manager

• Patch for Intune

• Security Controls

Third-Party Connectors

• CrowdStrike

• Tenable.io

• Qualys

• Rapid7

The following details are captured and displayed in the:

Asset Name: The unique identifier or hostname of the device. Click the Asset Name to navigate to the detailed Asset Information Page.

Asset Type: Specifies the device type (e.g., Mac, Server, Workstation, HOST). Use this to filter assets by class for targeted remediation.

Sources: The original source(s) that provided the data for this host.

RS3 Score (Required): The calculated Risk Score for each asset. You can sort by this column to prioritize the riskiest assets first for mitigation. For more information, see

Use the Export button to export the exposures list to text (.csv). Any column filters you have applied will also apply to the export.

Use the Update Criticality button to manually update the Asset Criticality level to individual devices, identities, or cloud resources via the asset portal. The Business criticality values are given below for assets are as follows:

• 1 - Least critical

• 2 - Less critical

• 3 - Medium

• 4 - Very critical

• 5 - Most critical

Once set, this criticality impacts the RS 3 score of the asset. This button is displayed when the Business Criticality permission is assigned to you.

Viewing Asset details

Clicking the Asset Name, navigates you to Devices > Exposures, opens a separate page with list of all associated exposures for the device.

Viewing CVE details

Selecting an exposure CVE number, you are navigated to Exposure Management > Exposures where, a summary of the exposure with a complete history, configuration details are displayed. This page includes extensive information in these categories:

• Summary: Links to relevant patches, release notes, evidence detected for the exposure (if available), vendor, and third-party advisories.
• Vulnerabilities: Lists the CVEs associated with the exposure you selected. Some exposures have more than one CVE. Common Weakness Enumerations (CWE) are also listed, along with the platforms affected.
• Threats: Lists the threats associated with the CVE and links to sites with more details.
• Fixes: Links to fixes for the exposure. Not all CVEs have fixes. This section will not appear if no fixes are available, but you can still refer to the recommended patches section in the summary.
• Impacted assets: Lists the assets affected by the CVE.
• Sources: Displays the tools, such as Ivanti Discovery, Crowdstrike, or Tenable, that contribute vulnerability data to the platform.