Understanding Vulnerability Response

Vulnerability Response automatically groups vulnerable items according to rules you define, so that you can prioritize and remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the NIST National Vulnerability Database (NVD) or third-party scanner integrations.

What is Vulnerability Response

With Vulnerability Response you can do the following:
  • Configure vulnerability groups, CI identifiers, notifications, and SLAs.
  • Update your system from the vulnerability databases on demand or by running user-configured scheduled jobs.
  • Configure integrations to import data from internal and external sources.
    • If the Qualys Vulnerability Integration plugin is activated and configured, Vulnerability Response can receive vulnerability data from the Qualys scanner in the form of vulnerabilities and vulnerable items.
  • Create changes, problems, and security incidents from vulnerability groups.
  • Edit vulnerable items in bulk.
  • View the library of Common Weakness Enumeration (CWE) records from the NVD to understand how they relate to Common Vulnerabilities and Exposures (CVE) records. Knowledge articles associated with the CWEs are included for reference.
  • Create and view reports.

Who uses Vulnerability Response

Vulnerability Response tasks are performed by the following personas:
  • System administrators
  • Vulnerability administrators
  • Vulnerability analysts
These personas map to the following roles:
  • sn_vul.admin: can read, write, and delete Vulnerability Response records
  • sn_vul.vulnerability_write: can read and write Vulnerability Response records
  • sn_vul.vulnerability_read: can read Vulnerability Response records
  • sn_vul.vr_import_admin: can run the scheduled import jobs

Vulnerability Response and the Now Platform®

Security Operations overview

Vulnerability Response terminology

The following terms are used in Vulnerability Response.
CVE: Common Vulnerabilities and Exposures, a dictionary of publicly known information-security vulnerabilities and exposures, each identified by a CVE ID.
CVSS: Common Vulnerability Scoring System, an open framework for communicating the characteristics and severity of software vulnerabilities as a numeric base score.
CWE: Common Weakness Enumeration, a community-developed list of common software weakness types (such as buffer overflow or SQL injection). A CVE record describes a specific instance of a flaw; the CWE it references describes the category of weakness behind it.
Discovery models: Software models used to normalize the software you own by analyzing and classifying models to reduce duplication.
Vulnerability calculators and calculator groups: Calculators used to prioritize and categorize vulnerable items based on user-defined criteria, such as the CVSS score combined with the business criticality of the affected CI.
Vulnerability groups and group rules: Used to group vulnerable items based on the vulnerability, on vulnerable item conditions, or on a filter group, so that related items can be remediated together.
Vulnerability integration: A process that pulls report data from a third-party system, generally a scanner, to retrieve vulnerability data. Integrations can be created manually or configured from a plugin such as the Qualys Vulnerability Integration.
Vulnerabilities: Records describing a specific flaw, such as a CVE entry, downloaded from the National Institute of Standards and Technology (NIST) NVD or imported from third-party integrations.
Vulnerable items: Pairings of a vulnerability, downloaded from the NIST NVD or imported from third-party integrations, with a potentially affected configuration item (CI) or installed software in your company network. One vulnerability that affects ten CIs produces ten vulnerable items.
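The terminology above describes a data flow: vulnerabilities are joined with the CIs that run affected software to produce vulnerable items, a calculator scores each item, and group rules bucket the items for remediation. The following is an added illustrative model of that flow in plain Python; it is not ServiceNow code and does not use the Now Platform tables or APIs. The risk formula, the rule ordering (first matching rule wins) and all sample data (placeholder CVE IDs, CI names, software versions) are constructed for the example. The one behaviour worth noticing is deduplication: re-importing the same scanner results must not create a second vulnerable item for a CVE and CI pair that already exists.

```python
"""Toy model of the Vulnerability Response data flow (illustrative only,
not ServiceNow code). Vulnerabilities are paired with CIs running the
affected software to form vulnerable items; a calculator scores each
item; group rules bucket the items for remediation."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Vulnerability:
    cve_id: str       # constructed placeholder IDs are used below
    cvss: float       # CVSS base score, 0.0 to 10.0
    software: str     # affected product and version, e.g. "openssl 1.0.1"


@dataclass(frozen=True)
class CI:
    name: str
    criticality: int  # asset-owner rating: 1 (low) to 3 (high)
    installed: tuple  # software installed on the CI
    environment: str  # "prod" or "dev"


@dataclass
class VulnerableItem:
    vuln: Vulnerability
    ci: CI
    risk: int = 0     # filled in by the calculator


def build_vulnerable_items(vulns, cis, existing=()):
    """Pair every vulnerability with every CI that runs the affected
    software. Items already present (same CVE + same CI) are kept as-is,
    so a re-import of the same scanner data does not duplicate them."""
    seen = {(vi.vuln.cve_id, vi.ci.name): vi for vi in existing}
    items = list(existing)
    for v in vulns:
        for ci in cis:
            key = (v.cve_id, ci.name)
            if v.software in ci.installed and key not in seen:
                vi = VulnerableItem(v, ci)
                seen[key] = vi
                items.append(vi)
    return items


def risk_calculator(vi):
    """Assumed example calculator: CVSS (scaled to 0-100) weighted by the
    CI's criticality (x0.8 for low, x1.0 for medium, x1.2 for high),
    capped at 100. Real calculators are user-defined."""
    weight = 0.6 + 0.2 * vi.ci.criticality
    return min(100, round(vi.vuln.cvss * 10 * weight))


# Assumed group rules, evaluated in order; the first match wins.
GROUP_RULES = [
    ("Critical prod: patch within 7 days",
     lambda vi: vi.ci.environment == "prod" and vi.risk >= 90),
    ("High: patch within 30 days", lambda vi: vi.risk >= 70),
    ("Backlog", lambda vi: True),
]


def group_items(items, rules=GROUP_RULES):
    """Score each item, then place it in the first group whose rule matches."""
    groups = {name: [] for name, _ in rules}
    for vi in items:
        vi.risk = risk_calculator(vi)
        for name, matches in rules:
            if matches(vi):
                groups[name].append(vi)
                break
    return groups


# Constructed sample input (placeholder CVE IDs, not real records).
SAMPLE_VULNS = [
    Vulnerability("CVE-1900-0001", 9.8, "openssl 1.0.1"),
    Vulnerability("CVE-1900-0002", 5.3, "nginx 1.14.0"),
]
SAMPLE_CIS = [
    CI("web-prod-01", 3, ("openssl 1.0.1", "nginx 1.14.0"), "prod"),
    CI("web-dev-01", 1, ("openssl 1.0.1",), "dev"),
    CI("db-prod-01", 3, ("postgres 11",), "prod"),  # runs nothing affected
]

if __name__ == "__main__":
    items = build_vulnerable_items(SAMPLE_VULNS, SAMPLE_CIS)
    for name, members in group_items(items).items():
        print(name)
        for vi in members:
            print(f"  {vi.vuln.cve_id} on {vi.ci.name} (risk {vi.risk})")
```

With the sample data, the two vulnerabilities and three CIs yield three vulnerable items, not six: the database server runs no affected software, and the second CVE only applies to the production web server. The same CVE lands in different groups depending on the CI, which is the point of scoring items rather than vulnerabilities.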