Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Create a vulnerability group

Create a vulnerability group

Creating a vulnerability group manually is done when you want to group vulnerable items by something other than the Vulnerability Group Rules criteria. For example, you can create groups for a particular manager, or for active, new exploits, such as ransomware, that include different vulnerabilities. You can also use it to group ungrouped vulnerable items.

Before you begin

Role required: sn_vul.admin

If the system property (sn_vul.autocreate_vul_centric_group) is set to true, each vulnerability entry with a vulnerable item creates a group associated with it.

If it is set to false, you create groups manually as follows.

Procedure

  1. Navigate to Vulnerability > Vulnerabilities > Vulnerability Groups.
  2. Click New.
  3. Fill in the fields on the form, as appropriate. For information on specific fields, see Vulnerability group fields.
  4. Click Submit.
    When the group is created, using the Condition or Filter Group filter type the Associated Vulnerable Item related list searches for and displays all matching vulnerable items.
    Associated vulnerable items

    You can use the Related Link, Scan for Vulnerabilities to manually trigger a ServiceNow®-initiated scan. For information on how to configure a vulnerability scanner, see Configure and manage Vulnerability scanners and scans.

    For a Qualys Vulnerability Integration, a default scanner is pre-installed in the Vulnerability Scanners module. This scanner is disabled by default. Select the Active and Default check boxes to enable the Qualys scanner to work using the Scan for Vulnerabilities related link on the vulnerability group and vulnerable item forms.

    If you open an associated vulnerable item, any associated vulnerability group entries appear under the Associated Vulnerable Group related list tab.

    Associated Vulnerable Group related list on a vulnerable item

Changes to site functionality will be made starting around 6am on January 21st (Pacific Time) and lasting approximately 6 hours.  The site may be intermittently unavailable.