For more information about installing and activating the Vulnerability Response application, see, Install and configure Vulnerability Response. This integration requires version 12.1 of Vulnerability Response or later.

If you don't already have it on your instance, get entitlements and download the Vulnerability Response Integration with Tenable application to your Now Platform® instance. The Vulnerability Response Integration with Tenable application supports the Tenable.sc product starting with version 5.13.

Estimate the number of vulnerable items you expect to import.

Verify your instance can accept the number of vulnerable items you expect to import. An undersized instance can lead to long load times. If you do not know the size of your instance, or, if you need assistance, contact ServiceNow® Technical Support.

Verify that you have groups or users to manage the integrations and remediate vulnerable items.

admin

The system admin uses Setup Assistant to install the Vulnerability Response Integration with Tenable application. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles in Setup Assistant.

sn_vul.vulnerability_admin

Once assigned, the vulnerability admin completes the configuration of the Tenable integrations. This role has complete access to the Vulnerability Response (VR) application and its records. Configures all VR applications and rules and configures third-party integrations.

sn_vul_tenable.admin

This role has complete access to the Vulnerability Response Integration with Tenable application and its records.

sn_vul_tenable.configure_integration

Can configure the Tenable Vulnerability Integration. This role contains the sn_vul_tenable.read_integration granular role.

sn_vul_tenable.read_integration

Can view (read) records of the Tenable Vulnerability Integration.

Vulnerability Response group

By default, the Vulnerability Response group is available in Setup Assistant. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all and sn_vul.remediation_owner roles automatically.

The system admin performs the initial assignment of roles to users and groups in Setup Assistant for the integration. By default, the Vulnerability Response group is available. If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance prior to using Setup Assistant. See Create a user group.

Persona and granular roles are available to help you manage what users can do and see in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant.

To promote improved performance for your first import, you may prefer to disable certain features, rules, or jobs in your instance.

• Disable vulnerability calculators if you do not use them. These calculators, plus any you have defined, run every time a vulnerable item record is created or updated. See Disable vulnerability calculators.
• During the initial import of records, certain notification-related business rules can cause many notifications to be generated, impacting performance. Prior to your initial import, you may prefer to Disable notification-related business rules as described in Optional import modifications for the Tenable Vulnerability Integration.

Verify you have enabled any features, rules, dependency plugins, or jobs in your instance required for the integration.

• Tenable.sc is an on-premises integration that gives you the option to use a MID Server if the Vulnerability Response Integration with Tenable product and your Now Platform instance are in the same environment. If the Tenable.sc product and your Now Platform instance are not in the same environment, you are required to use a MID Server. For more information about MID Servers in your instance, see MID Server.
• Verify the IntegrationHub plugin is installed and activated. This plugin enables base system components to call external systems using integration APIs and activates protocol steps like REST.

  Navigate to System Applications > All Available Applications > All and locate the plugin. If not installed in your instance, install and activate it.

Obtain Tenable credentials.

Verify you have any account names, passwords, and other service information required by your Tenable products so that you have access to them.

Tenable.io requires Administrator access with a permission attribute greater than or equal to 64. Tenable.sc requires Security Analyst or Manager access.