Understanding Vulnerability Response

Vulnerability Response automatically groups vulnerable items allowing you to remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the NVD or third-party integrations.

What is Vulnerability Response

With Vulnerability Response you can do the following:
  • Configure vulnerability groups, calculators, notifications, and SLAs.
  • Update your system from the vulnerability databases on demand or by running user-configured scheduled jobs.
  • Configure integrations to import data from internal and external sources.
    • If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability Response can receive vulnerability data from the Qualys scanner in the form of vulnerabilities and vulnerable items.
  • Create changes, problems, and security incidents from vulnerable items.
  • Edit vulnerable items in bulk.
  • View the library of Common Weakness Enumeration (CWE) records from the NVD to understand how they relate to the Common Vulnerability and Exposure (CVE) records. Knowledge articles associated with the CWEs are included for reference.
  • Create and view reports.

Who uses Vulnerability Response

Vulnerability Response tasks involve the following roles.
  • System administrators
  • Vulnerability administrators
  • Vulnerability analysts
Vulnerability Response tasks involve the following roles.
  • sn_vul.admin — can read, write, delete
  • sn_vul.vulnerability_write — can read and write
  • sn_vul.vulnerability_read — can read

Vulnerability Response and the Now Platform

Security Operations overview

Vulnerability Response terminology

The following terms are used in Vulnerability Response.
Term Definition
CVE Common Vulnerability and Exposure — a dictionary of publicly known information-security vulnerabilities and exposures.
CVSS Common Vulnerability Scoring System — an open framework for communicating the characteristics and severity of software vulnerabilities.
CWE Common Weakness Enumeration — a list of software vulnerabilities.
Discovery models Software models used to help normalize the software you own by analyzing and classifying models to reduce duplication.
Vulnerability calculators Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria.
Vulnerability groups Used to group vulnerable items based on vulnerability, vulnerable item conditions, or filter group.
Configure Vulnerability integrations A process that pulls report data from a third-party system, generally to retrieve vulnerability data.
Vulnerabilities Records of potentially vulnerable software downloaded from the National Institute of Standards and Technology (NIST) NVD or third-party integrations.
Vulnerable items Pairings of vulnerable entries, downloaded from the NIST NVD or third-party integrations, and potentially vulnerable configuration items and software in your company network.