Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Vulnerability Response remediation

Vulnerability Response remediation

Vulnerability Response remediation is primarily a manual process performed at the group level. Scheduled jobs and workflows augment this process. You can compare vulnerability-related data, pulled from internal and external sources, to vulnerable resources and software identified in the Software Asset module using Vulnerability Response.

If a vulnerability is found on a configuration item, assign IT to resolve it by creating change requests. If the vulnerability is a security incident and Security Incident Response is activated, you can create security incident records.

Most remediation is done from the vulnerability group. There are multiple ways to remediate vulnerability groups. From the Under Investigation state, create change requests or defer or close the group.
Note: You can create a security incident from a vulnerability.

Beginning with Kingston patch 6, vulnerability group rules can automate vulnerability group assignments. Due to the large volume in data imports, care should be taken with automated vulnerability group assignment. See Create vulnerability group rules for more information.