Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store

Vulnerability Response release notes

Log in to subscribe to topics and get notified when content changes.

Vulnerability Response release notes

ServiceNow® Vulnerability Response application enhancements and updates in the Istanbul release.

Istanbul upgrade information

To reduce upgrade time, if you have Qualys or a third-party integration installed, delete all attachments on your integration data sources. You can find them by navigating to System Import Sets > Administration > Data Sources and searching by integration. See Manage attachments Manage attachments for more information.

New in the Istanbul release

Bulk scanning of vulnerabilities and vulnerable items
You can simultaneously scan multiple vulnerabilities or vulnerable items that contain at least one affected CI or an IP address populated on the form.
Automated scan processing
When performing a scan on a vulnerability or vulnerable item , if the scan identifies that the vulnerability or vulnerable item still exists (not fixed), the state is change to Reopened, a work note is added, and a workflow trigger causes a rescan.
Vulnerability Response Orchestration
With Vulnerability Response Orchestration activities, users can interact with and retrieve data from Windows or UNIX-based systems and environments using workflow.

Changed in this release

  • Dashboard enhancements: You can filter report widgets directly from a homepage or dashboard without modifying the reports using interactive filters.
  • New reports added to overview:
    • CIs not Scanned: lists all configuration items that have not yet been scanned.
    • CIs with Vulnerability by Date: lists all configuration items and their last scanned date.
    • New Vulnerable Items: lists vulnerable items created in the last 30 days and which have a Vulnerability Group Risk Accepted value of true.
  • Vulnerability groups: Vulnerability groups have been added for grouping vulnerable items based on vulnerability, vulnerable item conditions, or filter group.
  • Scan queue for vulnerability scanning: Vulnerability scan requests submitted to a third-party vulnerability scanning integration are queued so as not to overload system resources. You can view the status of queued requests, as needed.
  • NVD data feed URLs have changed. Downloads may stall due to outdated URLs. If you encounter this situation, see KB0683326 for more information on correcting the issue.

Activation information

Activate the Vulnerability Response plugin and configure it based on the needs of your organization. This plugin is available as a separate subscription.