Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Security Operations
Table of Contents
Choose your release version
    Home Orlando Security Incident Management Security Operations Vulnerability Response Understanding the Vulnerability Response application

    Understanding the Vulnerability Response application

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Understanding the Vulnerability Response application

    The ServiceNow® Vulnerability Response application imports and automatically groups vulnerable items according to group rules allowing you to remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the National Vulnerability Database (NVD) or third-party integrations.

    Compare vulnerability data pulled from internal and external sources. For any vulnerable items, create change requests and security incidents using vulnerability groups to remediate issues and mitigate risk.

    Watch an overview of the typical vulnerability response within an enterprise versus the vulnerability response with ServiceNow®. It defines vulnerable items, vulnerability groups, and their lifecycles.

    Vulnerability Response and the Now Platform®

    Vulnerability Response is one member of the Security Operations application suite. Together these applications connect security to your IT department, increase the speed and efficiency of your response, and give you a definitive view of your security posture.

    Security Operations overview

    Vulnerability Response flow

    You use Vulnerability Response to follow the flow of information, from integration through investigation, and then on to resolution.

    Vulnerability Response flow
    • Work with an implementation specialist to achieve your desired business outcomes. To learn more, visit the Customer Success Center.
    • Take a Vulnerability Response course to build expertise and realize ROI faster. To sign up, see ServiceNow training and certification.

    Available versions for Orlando

    Release version Release Notes

    Vulnerability Response v13.0

    Vulnerability Response v12.2

    Vulnerability Response v12.1

    Vulnerability Response v12.0

    Vulnerability Response v11.0

    Vulnerability Response v10.3

    Vulnerability Response v10.0

    Vulnerability Response v9.0 (platform upgrade only)

    Vulnerability Response release notes

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Integrate your Vulnerability scanner

    After vulnerability data is imported, you can compare the data to CIs and software identified in the ServiceNow® Asset Management application. You can perform the following tasks.
    • Compare vulnerability-related data, if a vulnerability is found on a configuration item.
    • Escalate issues by creating change requests, and security incident records (if the ServiceNow® Security Incident Response application is activated).
    • Manage vulnerable items grouped by the vulnerability, or CI, or individually. Each vulnerability represents a vulnerability entry in the NVD, Common Weakness Enumeration (CWE), or third-party libraries.
    • Relate a single third-party vulnerability to multiple Common Vulnerabilities and Exposure (CVE) entries.
    • Use CWE records, downloaded from the CWE database, for reference when deciding whether a vulnerability must be escalated. Each CWE record also includes an associated knowledge article that describes the weakness. You cannot escalate a vulnerability from the Common Weakness Enumerations page. That page is for reference only.

    Multi-source support

    You can have multiple deployments of the Qualys Vulnerability Integration, Rapid7 InsightVM integrations, and, starting with v12.1, the Tenable Vulnerability Integration developed for the Now Platform.

    Assets, identified by multiple third-party deployments and their vulnerabilities, are consolidated and reconciled with your CMDB. This consolidation happens even when scan processes overlap between the multiple deployments. Data sourced from each deployment is identified and available in a single instance of Vulnerability Response.

    Qualys Vulnerability Integration KnowledgeBase records are normalized across deployments, ensuring that instances of the same vulnerability across deployments are treated as the same vulnerability. Setup for the multi-source integrations for the Qualys Vulnerability Integration and the Tenable Vulnerability Integration is available within the Setup Assistant.

    Prioritize vulnerabilities

    Vulnerability Response data correlation is performed using groups, calculators, and libraries. You can perform the following tasks.
    • Create vulnerability groups to contain vulnerable items from NVD, CWE, and third-party integrations.
    • Assign prioritization, rules, and access.
    • Create assignment and remediation target rules.
    • Create vulnerability group rules based on vulnerabilities, filters, filter conditions, and group keys.
    • Use calculator groups to determine business impact, specify varying conditions using filters, apply simple calculations, or use a script.
    • View ungrouped vulnerable items and vulnerabilities.

    Create change requests and coordinate planning

    Vulnerability Response remediation is primarily a manual process performed at the group level. There are multiple ways to remediate vulnerability groups.

    Create emergency, standard, and normal change requests directly from vulnerability groups to expedite your investigation and remediation of vulnerabilities with Change management for Vulnerability Response. Create change requests that contain pre-populated information imported directly from a vulnerability group, filter out a subset of vulnerable items and create a new vulnerability group, or associate vulnerability groups to existing change requests.

    Prior to Vulnerability Response v9.0, from the Under Investigation state, create change requests, defer, or close the group.

    If the vulnerability is a security incident and Security Incident Response is activated, you can create security incident records.

    Assignment rules are used to automate vulnerable item or vulnerability assignments. Due to the large volume in data imports, care should be taken with automated vulnerable item assignment.

    Confirm vulnerability resolution

    Vulnerability Solution Management contains solution integrations such as the Microsoft Security Response Center Solution Integration.

    Starting with v10.3, Red Hat Solution Integration is also available.

    Automatically correlate the vulnerabilities in your environment with the solutions that would remediate them. Identify the remediation actions that apply to your environment and prioritize them by the greatest reduction in vulnerability risk.

    Vulnerability Response provides several useful reports, charts, and an Explorer dashboard for you to analyze and monitor data before and after remediation. You can also return Vulnerability Response-related information using the global search feature.

    Automated rescan confirms that your changes have taken effect or the need to reschedule.

    Mobile experience for Vulnerability Response

    Access the Vulnerability Response application on your Now Platform® instance directly from your mobile device.

    View and search vulnerabilities, vulnerability groups, and assignments using the Vulnerability Response mobile application.

    This mobile application gives you the flexibility to reassign, edit fields, and begin remediation without being tied to the desktop.

    Vulnerability Response terminology

    The following terms are used in Vulnerability Response.
    Common Vulnerability and Exposure (CVE)
    Dictionary of publicly known information-security vulnerabilities and exposures.
    Common Vulnerability Scoring System (CVSS)
    Open framework for communicating the characteristics and severity of software vulnerabilities. CVSS v3 was not available prior to 2015.
    Common Weakness Enumeration (CWE)
    List of community-developed software weakness types.
    Discovery models
    Software models used to help normalize the software you own by analyzing and classifying models to reduce duplication.
    National Vulnerability Database (NVD)
    U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).
    Vulnerability Response calculators and vulnerability calculator rules and Vulnerability Response Rollup Calculators
    Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria.
    Vulnerability Response groups and group rules overview
    Used to group vulnerable items based on vulnerability, vulnerable item conditions, or filter group.
    Vulnerability Integrations
    Scheduled jobs that pull report data from NVD, CWE, or a third-party system, such as the Qualys Cloud Platform, to retrieve vulnerability data.
    Vulnerabilities
    Records of potentially vulnerable software downloaded from the National Institute of Standards and Technology (NIST) NVD, CWE, or third-party integrations.
    Vulnerable items
    Pairings of vulnerable entries, downloaded from the NIST NVD or third-party integrations, and potentially vulnerable configuration items and software in your company network.
    • Vulnerability Response personas and granular roles

      Before you can successfully remediate vulnerabilities with the Vulnerability Response application, you must assign personas and roles to your users and groups in Setup Assistant.

    • Vulnerability Response assignment rules overview

      Define the criteria by which vulnerable items (VIs) are automatically assigned to an assignment group for remediation.

    • Vulnerability Response groups and group rules overview

      Starting with Vulnerability Response v10.0, configure vulnerability groups (VG) to help analysts and remediation specialists organize vulnerable items (VI) and analyze them in bulk. The criteria by which groups are formed is configured so that you do not have to manually assign vulnerable items into groups. Using vulnerability groups, you can monitor progress and drive the remediation process more efficiently.

    • Vulnerability groups and group rules overview (Prior to v10.0)

      Prior to Vulnerability Response v10.0, configure vulnerability groups (VG) to help analysts and remediation specialists organize vulnerable items (VI) and analyze them in bulk. The criteria by which groups are formed is configured so that you do not have to manually assign vulnerable items into groups. Using vulnerability groups, you can monitor progress and drive the remediation process more efficiently.

    • Machine Learning solutions for Vulnerability Response

      Vulnerability Assignment Recommendations uses ServiceNow® Predictive Intelligence and machine learning to recommend assignment groups for vulnerable items (VIs) and vulnerability groups (VGs). You can reduce the time that you spend on identifying the owners for unassigned or incorrectly assigned vulnerability findings. Also, you can see a system-generated confidence score that evaluates if the recommended assignment group is suited to resolve the vulnerability.

    • CI Lookup rules for identifying configuration items from Vulnerability Response third-party vulnerability integrations

      When data is imported from a third-party integration, Vulnerability Response automatically uses host data to search for matches in the Configuration Management Database (CMDB). It does this using CI Lookup Rules. These rules are used to identify configuration items (CIs) and add them to the vulnerable item record to aid in remediation.

    • Creating CIs for Vulnerability Response using the Identification and Reconciliation engine

      Starting with Vulnerability Response 12.1, you can create configuration items (CIs) in the Configuration Management Database (CMDB) using the Identification and Reconciliation engine (IRE) API. By using the IRE API to create CIs, you can prevent duplicate CIs from being created and you can reconcile CI attributes by allowing only authoritative data sources to write to CMDB.

    • Discovered Items overview

      Assets are automatically matched to configuration items (CIs) in the Configuration Management Database (CMDB) when they are imported using CI Lookup Rules. Discovered Items give you visibility into how asset identification is mapped to CIs in the CMDB.

    • Vulnerability Response group and vulnerable item states

      Vulnerability Response offers a state model for the status of the vulnerability group, at any given time. Knowing how each state relates to and affects each other helps you to determine when and how to remediate your vulnerable items (VI).

    • Vulnerability Response calculators and vulnerability calculator rules

      Vulnerability calculators automate calculating initial values for the fields on vulnerable items. The condition for each calculator is evaluated in order, and the first matching calculator is used.

    • Vulnerability Response vulnerable item detections from third-party integrations

      Starting with v10.0, view all of the information that is gathered by third-party scans in your Now Platform® instance. View the returned results of the scans on detection and vulnerable item (VI) records in your instance as these results are viewed on the scanners.

    • Vulnerability Response remediation target rules

      Remediation target rules define the expected timeframe for remediating a vulnerable item (VI), much like SLAs provide a timeframe for remediating the vulnerability itself. For example, if an asset contains PCI data (credit card data) then the vulnerability on that item needs to be fixed within 30 days according to PCI DSS.

    • Vulnerability Solution Management

      Automatically correlate the vulnerabilities in your environment with the solutions that could remediate them. Identify the remediation actions that apply to your vulnerabilities and prioritize them by the greatest reduction in vulnerability risk.

    • Exception Management overview

      When your organization can't comply with a published vulnerability management or security policy, standard, or guideline, you can request an exception. Exception management entails requesting, reviewing, approving, or rejecting exceptions to a vulnerable item (VI) or vulnerability group (VG) that cannot be remediated according to the policy.

    • Exception rules overview

      Starting with version 12.0, exception rules for Vulnerability Response enable you to automate the deferral process for vulnerable items (VIs). You can request an exception for the vulnerable items (VIs) that can't be remediated or deferred immediately, by identifying the impacted vulnerabilities, configuration items (CIs), or VIs. By automating the VI deferral process, you can defer the matching VIs based on the rule when the system identifies them.

    • False Positive overview

      A false positive is a condition wherein the scanner reports that a vulnerability exists in the system, but in reality there is no vulnerability. There can be multiple reasons like incorrect classification, improper logic or algorithm in the scanner. The remediation owner can mark vulnerable items (VIs) or vulnerability groups (VGs) as false positives.

    • Change management for Vulnerability Response

      As an IT remediation owner, you can create and manage change requests (CHG) directly from vulnerability groups (VG) in the Vulnerability Response application. Change requests help you initiate and track change activities on your assets so that you can remediate your vulnerability groups and their corresponding vulnerable items.

    • Software exposure assessment using ITAM Software Asset Management (SAM)

      Use the ServiceNow® Exposure Assessment application to determine your total installed software count for a specific software package on your assets. When used with the ServiceNow® IT Asset Management (ITAM) Software Asset Management (SAM) application, evaluate your exposure, create vulnerable items, and manage remediation for the vulnerable software you discover.

    • Domain separation and Vulnerability Response

      This is an overview of domain separation and Vulnerability Response. With domain separation you can separate data, processes, and administrative tasks into logical groupings called domains. You can then control several aspects of this separation, including which users can see and access data.

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Understanding the Vulnerability Response application

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Understanding the Vulnerability Response application

      The ServiceNow® Vulnerability Response application imports and automatically groups vulnerable items according to group rules allowing you to remediate vulnerabilities quickly. Vulnerability data is pulled from internal and external sources, such as the National Vulnerability Database (NVD) or third-party integrations.

      Compare vulnerability data pulled from internal and external sources. For any vulnerable items, create change requests and security incidents using vulnerability groups to remediate issues and mitigate risk.

      Watch an overview of the typical vulnerability response within an enterprise versus the vulnerability response with ServiceNow®. It defines vulnerable items, vulnerability groups, and their lifecycles.

      Vulnerability Response and the Now Platform®

      Vulnerability Response is one member of the Security Operations application suite. Together these applications connect security to your IT department, increase the speed and efficiency of your response, and give you a definitive view of your security posture.

      Security Operations overview

      Vulnerability Response flow

      You use Vulnerability Response to follow the flow of information, from integration through investigation, and then on to resolution.

      Vulnerability Response flow
      • Work with an implementation specialist to achieve your desired business outcomes. To learn more, visit the Customer Success Center.
      • Take a Vulnerability Response course to build expertise and realize ROI faster. To sign up, see ServiceNow training and certification.

      Available versions for Orlando

      Release version Release Notes

      Vulnerability Response v13.0

      Vulnerability Response v12.2

      Vulnerability Response v12.1

      Vulnerability Response v12.0

      Vulnerability Response v11.0

      Vulnerability Response v10.3

      Vulnerability Response v10.0

      Vulnerability Response v9.0 (platform upgrade only)

      Vulnerability Response release notes

      For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

      Integrate your Vulnerability scanner

      After vulnerability data is imported, you can compare the data to CIs and software identified in the ServiceNow® Asset Management application. You can perform the following tasks.
      • Compare vulnerability-related data, if a vulnerability is found on a configuration item.
      • Escalate issues by creating change requests, and security incident records (if the ServiceNow® Security Incident Response application is activated).
      • Manage vulnerable items grouped by the vulnerability, or CI, or individually. Each vulnerability represents a vulnerability entry in the NVD, Common Weakness Enumeration (CWE), or third-party libraries.
      • Relate a single third-party vulnerability to multiple Common Vulnerabilities and Exposure (CVE) entries.
      • Use CWE records, downloaded from the CWE database, for reference when deciding whether a vulnerability must be escalated. Each CWE record also includes an associated knowledge article that describes the weakness. You cannot escalate a vulnerability from the Common Weakness Enumerations page. That page is for reference only.

      Multi-source support

      You can have multiple deployments of the Qualys Vulnerability Integration, Rapid7 InsightVM integrations, and, starting with v12.1, the Tenable Vulnerability Integration developed for the Now Platform.

      Assets, identified by multiple third-party deployments and their vulnerabilities, are consolidated and reconciled with your CMDB. This consolidation happens even when scan processes overlap between the multiple deployments. Data sourced from each deployment is identified and available in a single instance of Vulnerability Response.

      Qualys Vulnerability Integration KnowledgeBase records are normalized across deployments, ensuring that instances of the same vulnerability across deployments are treated as the same vulnerability. Setup for the multi-source integrations for the Qualys Vulnerability Integration and the Tenable Vulnerability Integration is available within the Setup Assistant.

      Prioritize vulnerabilities

      Vulnerability Response data correlation is performed using groups, calculators, and libraries. You can perform the following tasks.
      • Create vulnerability groups to contain vulnerable items from NVD, CWE, and third-party integrations.
      • Assign prioritization, rules, and access.
      • Create assignment and remediation target rules.
      • Create vulnerability group rules based on vulnerabilities, filters, filter conditions, and group keys.
      • Use calculator groups to determine business impact, specify varying conditions using filters, apply simple calculations, or use a script.
      • View ungrouped vulnerable items and vulnerabilities.

      Create change requests and coordinate planning

      Vulnerability Response remediation is primarily a manual process performed at the group level. There are multiple ways to remediate vulnerability groups.

      Create emergency, standard, and normal change requests directly from vulnerability groups to expedite your investigation and remediation of vulnerabilities with Change management for Vulnerability Response. Create change requests that contain pre-populated information imported directly from a vulnerability group, filter out a subset of vulnerable items and create a new vulnerability group, or associate vulnerability groups to existing change requests.

      Prior to Vulnerability Response v9.0, from the Under Investigation state, create change requests, defer, or close the group.

      If the vulnerability is a security incident and Security Incident Response is activated, you can create security incident records.

      Assignment rules are used to automate vulnerable item or vulnerability assignments. Due to the large volume in data imports, care should be taken with automated vulnerable item assignment.

      Confirm vulnerability resolution

      Vulnerability Solution Management contains solution integrations such as the Microsoft Security Response Center Solution Integration.

      Starting with v10.3, Red Hat Solution Integration is also available.

      Automatically correlate the vulnerabilities in your environment with the solutions that would remediate them. Identify the remediation actions that apply to your environment and prioritize them by the greatest reduction in vulnerability risk.

      Vulnerability Response provides several useful reports, charts, and an Explorer dashboard for you to analyze and monitor data before and after remediation. You can also return Vulnerability Response-related information using the global search feature.

      Automated rescan confirms that your changes have taken effect or the need to reschedule.

      Mobile experience for Vulnerability Response

      Access the Vulnerability Response application on your Now Platform® instance directly from your mobile device.

      View and search vulnerabilities, vulnerability groups, and assignments using the Vulnerability Response mobile application.

      This mobile application gives you the flexibility to reassign, edit fields, and begin remediation without being tied to the desktop.

      Vulnerability Response terminology

      The following terms are used in Vulnerability Response.
      Common Vulnerability and Exposure (CVE)
      Dictionary of publicly known information-security vulnerabilities and exposures.
      Common Vulnerability Scoring System (CVSS)
      Open framework for communicating the characteristics and severity of software vulnerabilities. CVSS v3 was not available prior to 2015.
      Common Weakness Enumeration (CWE)
      List of community-developed software weakness types.
      Discovery models
      Software models used to help normalize the software you own by analyzing and classifying models to reduce duplication.
      National Vulnerability Database (NVD)
      U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).
      Vulnerability Response calculators and vulnerability calculator rules and Vulnerability Response Rollup Calculators
      Calculators used to prioritize and categorize vulnerabilities based on user-defined criteria.
      Vulnerability Response groups and group rules overview
      Used to group vulnerable items based on vulnerability, vulnerable item conditions, or filter group.
      Vulnerability Integrations
      Scheduled jobs that pull report data from NVD, CWE, or a third-party system, such as the Qualys Cloud Platform, to retrieve vulnerability data.
      Vulnerabilities
      Records of potentially vulnerable software downloaded from the National Institute of Standards and Technology (NIST) NVD, CWE, or third-party integrations.
      Vulnerable items
      Pairings of vulnerable entries, downloaded from the NIST NVD or third-party integrations, and potentially vulnerable configuration items and software in your company network.
      • Vulnerability Response personas and granular roles

        Before you can successfully remediate vulnerabilities with the Vulnerability Response application, you must assign personas and roles to your users and groups in Setup Assistant.

      • Vulnerability Response assignment rules overview

        Define the criteria by which vulnerable items (VIs) are automatically assigned to an assignment group for remediation.

      • Vulnerability Response groups and group rules overview

        Starting with Vulnerability Response v10.0, configure vulnerability groups (VG) to help analysts and remediation specialists organize vulnerable items (VI) and analyze them in bulk. The criteria by which groups are formed is configured so that you do not have to manually assign vulnerable items into groups. Using vulnerability groups, you can monitor progress and drive the remediation process more efficiently.

      • Vulnerability groups and group rules overview (Prior to v10.0)

        Prior to Vulnerability Response v10.0, configure vulnerability groups (VG) to help analysts and remediation specialists organize vulnerable items (VI) and analyze them in bulk. The criteria by which groups are formed is configured so that you do not have to manually assign vulnerable items into groups. Using vulnerability groups, you can monitor progress and drive the remediation process more efficiently.

      • Machine Learning solutions for Vulnerability Response

        Vulnerability Assignment Recommendations uses ServiceNow® Predictive Intelligence and machine learning to recommend assignment groups for vulnerable items (VIs) and vulnerability groups (VGs). You can reduce the time that you spend on identifying the owners for unassigned or incorrectly assigned vulnerability findings. Also, you can see a system-generated confidence score that evaluates if the recommended assignment group is suited to resolve the vulnerability.

      • CI Lookup rules for identifying configuration items from Vulnerability Response third-party vulnerability integrations

        When data is imported from a third-party integration, Vulnerability Response automatically uses host data to search for matches in the Configuration Management Database (CMDB). It does this using CI Lookup Rules. These rules are used to identify configuration items (CIs) and add them to the vulnerable item record to aid in remediation.

      • Creating CIs for Vulnerability Response using the Identification and Reconciliation engine

        Starting with Vulnerability Response 12.1, you can create configuration items (CIs) in the Configuration Management Database (CMDB) using the Identification and Reconciliation engine (IRE) API. By using the IRE API to create CIs, you can prevent duplicate CIs from being created and you can reconcile CI attributes by allowing only authoritative data sources to write to CMDB.

      • Discovered Items overview

        Assets are automatically matched to configuration items (CIs) in the Configuration Management Database (CMDB) when they are imported using CI Lookup Rules. Discovered Items give you visibility into how asset identification is mapped to CIs in the CMDB.

      • Vulnerability Response group and vulnerable item states

        Vulnerability Response offers a state model for the status of the vulnerability group, at any given time. Knowing how each state relates to and affects each other helps you to determine when and how to remediate your vulnerable items (VI).

      • Vulnerability Response calculators and vulnerability calculator rules

        Vulnerability calculators automate calculating initial values for the fields on vulnerable items. The condition for each calculator is evaluated in order, and the first matching calculator is used.

      • Vulnerability Response vulnerable item detections from third-party integrations

        Starting with v10.0, view all of the information that is gathered by third-party scans in your Now Platform® instance. View the returned results of the scans on detection and vulnerable item (VI) records in your instance as these results are viewed on the scanners.

      • Vulnerability Response remediation target rules

        Remediation target rules define the expected timeframe for remediating a vulnerable item (VI), much like SLAs provide a timeframe for remediating the vulnerability itself. For example, if an asset contains PCI data (credit card data) then the vulnerability on that item needs to be fixed within 30 days according to PCI DSS.

      • Vulnerability Solution Management

        Automatically correlate the vulnerabilities in your environment with the solutions that could remediate them. Identify the remediation actions that apply to your vulnerabilities and prioritize them by the greatest reduction in vulnerability risk.

      • Exception Management overview

        When your organization can't comply with a published vulnerability management or security policy, standard, or guideline, you can request an exception. Exception management entails requesting, reviewing, approving, or rejecting exceptions to a vulnerable item (VI) or vulnerability group (VG) that cannot be remediated according to the policy.

      • Exception rules overview

        Starting with version 12.0, exception rules for Vulnerability Response enable you to automate the deferral process for vulnerable items (VIs). You can request an exception for the vulnerable items (VIs) that can't be remediated or deferred immediately, by identifying the impacted vulnerabilities, configuration items (CIs), or VIs. By automating the VI deferral process, you can defer the matching VIs based on the rule when the system identifies them.

      • False Positive overview

        A false positive is a condition wherein the scanner reports that a vulnerability exists in the system, but in reality there is no vulnerability. There can be multiple reasons like incorrect classification, improper logic or algorithm in the scanner. The remediation owner can mark vulnerable items (VIs) or vulnerability groups (VGs) as false positives.

      • Change management for Vulnerability Response

        As an IT remediation owner, you can create and manage change requests (CHG) directly from vulnerability groups (VG) in the Vulnerability Response application. Change requests help you initiate and track change activities on your assets so that you can remediate your vulnerability groups and their corresponding vulnerable items.

      • Software exposure assessment using ITAM Software Asset Management (SAM)

        Use the ServiceNow® Exposure Assessment application to determine your total installed software count for a specific software package on your assets. When used with the ServiceNow® IT Asset Management (ITAM) Software Asset Management (SAM) application, evaluate your exposure, create vulnerable items, and manage remediation for the vulnerable software you discover.

      • Domain separation and Vulnerability Response

        This is an overview of domain separation and Vulnerability Response. With domain separation you can separate data, processes, and administrative tasks into logical groupings called domains. You can then control several aspects of this separation, including which users can see and access data.

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login