Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Individual vulnerable item management

Individual vulnerable item management

Vulnerable items represent one CI with a given vulnerability. Vulnerable items are imported from third-party sources, or using the SAM NVD information (link) to compare vulnerability entries to software records retrieved from the Software Asset Management module.

Vulnerable items are contained in vulnerability groups defined by vulnerability rules. Typically vulnerability groups are the location where groups of vulnerable items are assigned and worked on.

Vulnerable items can be viewed and edited in bulk from the Vulnerable Items module. Vulnerable item records display information from the vulnerability in the Vulnerability tab of a vulnerability group. This tab can indicate whether there are public or active exploits for it. Also, whether it can be remediated via a patch, configuration change, or combination of both. If there are IP addresses that are found during de-duplication, they appear in a related list.

When a vulnerable item is added to a vulnerability group, the group appears in the Associated Vulnerability Group list of Vulnerable items.

When a task is created that affects a vulnerable item, the task appears in the Affected Tasks related list of Vulnerable items.

Vulnerable items can be created manually. You can create security incidents or change requests and manually closed or defer them. Vulnerability group rules can be applied to manually created vulnerable items.

Vulnerable Item is no longer a task and no longer appears in the My Work common menu item. Vulnerability Groups and Vulnerability Rules have been enhanced to take over task functionality. Vulnerable items cannot be linked as a parent task.