The Vulnerability Response Application imports and automatically groups
vulnerable items according to group rules, which allows us to remediate
vulnerabilities quickly.

Overview:

Vulnerability data is pulled from internal and external sources, such as the National Vulnerability Database
(NVD) or third-party integrations (Tripwire). A new integration was built to pull Tripwire data into ServiceNow.

After vulnerability data is imported from Tripwire, vulnerable items are automatically created, grouped, and
ranked per the configured Risk Calculators, and remediation targets are set based on the severity of the
vulnerability.

Vulnerability Items (VIT) are auto-assigned based on the configured Assignment rules.

For any vulnerable items, change requests and security incidents can be created using vulnerability
groups to remediate issues and mitigate risk.

VITs can be closed automatically during subsequent Tripwire scans, if the issues are resolved.

Built an integration with Tripwire to pull vulnerabilities into
ServiceNow. The integration with NVD is activated via the VR plugin.

Vulnerability data is pulled from internal and external sources, such as the National Vulnerability
Database (NVD), Common Weakness Enumeration (CWE) or third-party integrations. Vulnerabilities
are stored under Libraries.

A third-party integration between ServiceNow and Tripwire has been set up to import vulnerabilities
from Tripwire.

Vulnerable Items (VITs) are created automatically after importing vulnerability
data from Tripwire.

Vulnerable items are automatically created during third-party vulnerability integration imports.

An imported vulnerability + a match to an existing asset = VIT

VITs can be manually created from Vulnerability Response > Vulnerable Items.

Vulnerable Items are grouped based on the Grouping Rules; multiple conditions,
such as CI Class and Assignment Group, can be set.

Vulnerability groups represent a set of vulnerable items to remediate.

Vulnerable Items move through the remediation states via a Vulnerability Group.

Create and manage change requests (CHG) directly from vulnerability groups (VG).

An exception to defer the remediation of a VI or VG for a specified period can be requested from the
Vulnerability Group. NOT IMPLEMENTED.

Requesting an exception triggers an approval to the configured Exception Approvers group.

After the exception approver approves this request, the VI or VG moves to a Deferred state.

Vulnerability Items (VIT) are auto-assigned based on the configured
Assignment rules.

VITs can be auto assigned to a group using the Assignment Rules.

Vulnerability calculators can prioritize tickets for remediation, and target rules
are used to implement SLA for resolution.

Vulnerability calculators have been configured to calculate the Risk Score/Risk Rating of a
Vulnerability Item.

Remediation target rules define the expected timeframe for remediating vulnerable items (SLAs).

ServiceNow Vulnerability Response Application
Working Code Asked question October 1, 2024
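
The VIT lifecycle described in the post (imported vulnerability + asset match = VIT, grouping by CI Class and Assignment Group, automatic closure on a later scan), modelled in plain JavaScript as an added example that is not part of the original post and is not ServiceNow or Tripwire API code. The function names, asset records, the `VULN-A`/`VULN-B` identifiers, the reopen step and the rule of closing only on hosts the scan actually reached are all assumptions made for illustration.

```javascript
// Plain-JavaScript model only: not ServiceNow/Tripwire code. All data is constructed.
// Stand-in for the asset inventory that imported findings are matched against.
const assets = [
  { name: "web01", ip: "10.0.0.5", ciClass: "Linux Server", assignmentGroup: "Unix Ops" },
  { name: "web02", ip: "10.0.0.6", ciClass: "Linux Server", assignmentGroup: "Unix Ops" },
  { name: "hr-pc", ip: "10.0.1.9", ciClass: "Windows PC", assignmentGroup: "Desktop" },
];

// One scan import. Creates a VIT for every finding that matches a known asset,
// then closes open VITs that this scan no longer reports.
// Returns the findings that matched no asset (no VIT is created for those).
function importScan(vits, findings, scannedIps) {
  const unmatched = [];
  const seen = new Set();
  for (const f of findings) {
    const asset = assets.find((a) => a.ip === f.ip);
    if (!asset) { unmatched.push(f); continue; }
    const key = `${f.vulnId}|${asset.name}`;
    seen.add(key);
    const existing = vits.get(key);
    if (!existing) vits.set(key, { key, vulnId: f.vulnId, asset, state: "Open" });
    else if (existing.state === "Closed") existing.state = "Open"; // assumed: finding returned
  }
  for (const vit of vits.values()) {
    // Assumed safeguard: a host the scan did not reach says nothing about
    // remediation, so its VITs stay open.
    const reached = scannedIps.has(vit.asset.ip);
    if (vit.state === "Open" && reached && !seen.has(vit.key)) vit.state = "Closed";
  }
  return unmatched;
}

// Grouping rule keyed on the two conditions the post names:
// CI Class and Assignment Group. Only open VITs are grouped.
function groupVits(vits) {
  const groups = new Map();
  for (const vit of vits.values()) {
    if (vit.state !== "Open") continue;
    const k = `${vit.asset.ciClass} / ${vit.asset.assignmentGroup}`;
    if (!groups.has(k)) groups.set(k, []);
    groups.get(k).push(vit.key);
  }
  return groups;
}
```

Calling `importScan` once per scan with the same `Map` shows a VIT closing when its finding disappears from a host that was scanned, while a VIT on a host missing from that scan stays open.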