Exploring Configuration Compliance
-
- UpdatedFeb 4, 2025
- 3 minutes to read
- Yokohama
- Configuration Compliance
Use test results obtained from third-party Secure Configuration Assessment (SCA) integrations to verify compliance with security or corporate policies. Identify, prioritize, and remediate non-compliant configuration items.
Terminology prior to v14.9 | Terminology v14.9 onwards |
---|---|
Test Result Group | Remediation Task |
Group Rules | Remediation Task Rules |
Policy | Test group |
What is Configuration Compliance
The ServiceNow® Configuration Compliance application enables you to prioritize and remediate the most critical configuration-related vulnerabilities in your environment quickly and efficiently. Configuration Compliance is available by subscription in the ServiceNow® Store.

Key features of Configuration Compliance
Use the Configuration Management Database (CMDB) in your Now Platform® to help you expose and fix your most critical configuration-related security vulnerabilities. Focus your remediation resources on activities with the greatest risk reduction. Streamline the remediation process across security, IT, and your business process stakeholders. The Configuration Compliance application includes the following key features:
- With supported third-party integrations, automatically import policies, tests, authoritative sources, and technologies. See Configuration Compliance integrations for more information about supported integrations.
- Correlate policies and tests to configuration items (assets) to identify configuration-related vulnerabilities and help you verify that your assets are in compliance with your policies and controls.
- Unify configuration assessment, assignment, and remediation across all of your assets.
- Configuration scanning content can be imported from leading Secure Configuration Assessment (SCA) ecosystem integration applications.
- Configuration findings, test failures, can be grouped and routed automatically based on remediation specialist skill sets and areas of responsibility. Intelligent workflows and tight integration with change management provide smooth task hand-offs between groups.
- When used with the ServiceNow Governance, Risk, and Compliance (GRC) application, configuration tests in Configuration Compliance can be rolled up to their corresponding GRC controls.
- With enhanced change management, create pre-populated change requests for IT directly from Configuration Compliance to help you with your remediation tasks that require additional resources.
- With dashboards, view remediation status metrics on remediation task, compliance test, and policy records.
Who uses Configuration Compliance
- System administrators
- Vulnerability administrators
- Vulnerability managers
- Vulnerability analysts
- Compliance administrators
- sn_vulc.admin — can read, write, delete
- sn_vulc.write — can read and write
- sn_vulc.remediation_owner — Can read and update assigned recordsNote: The sn_vulc.remediation_owner role is also automatically assigned when any user is assigned the itil role.
- sn_vulc.read — can read
Configuration Compliance and Security Operations
When the Qualys Vulnerability Integration and the Tenable Vulnerability Integration are installed, access to Vulnerability Response becomes available. You can have multiple deployments of these integrations. Data sourced from each deployment is identified and available in a single instance of GRC.
Available versions for Yokohama
Release version | Release notes |
---|---|
Configuration Compliance v15.2 |
Configuration Compliance release notes. For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes See Setting up, installing, and configuring the Configuration Compliance application for more information about activating the application. |