Does anyone have an idea how one could best determine when a given system was first deployed? What I mean by that is when was a system installed and added to the environment. We are trying to capture servers that were added to our environment without going through the proper onboarding processes. What QID's or other mechanism could be used to somewhat reliably determine when a system came to live? I am sure others are struggling with the same issue.
One way would be to look at all vulnerabilities on the system and see which one has the oldest "first detected" date, but this is not very efficient on a massive scale. A direct way would be preferred.