System Administration - assign users and groups and install integration applications

Role required: admin

A list of users and integrations should be obtained from the Vulnerability Manager prior to beginning these tasks.

1. Navigate to Vulnerability Response > Administration > Setup Assistant.

   

2. In the first section, System Administration, the admin the assigns roles to users and groups and installs supported integrations.

   Starting with version 10.3 of Vulnerability Response and later, assign Vulnerability Response personas and roles to users and groups in Setup Assistant.

   Starting with v10.3, persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

   Note: If you are an upgrade customer, access for the users and groups you assigned with the sn_vul.vulnerability_read and sn_vul.vulnerability_write permissions prior to v10.3 has not changed. Users and groups remain assigned with these roles until you change them. However, starting with v10.3, you may prefer assigning granular roles for more control over what users and groups can do and see in the Vulnerability Response application. For an overview and more information about managing these roles, see Vulnerability Response personas and granular roles and Manage persona and granular roles for Vulnerability Response.
3. Alternatively, prior to v10.3 of Vulnerability Response, assign roles in Setup Assistant.
   • Assign the role of sn_vul.admin to users or groups.
   • Assign the sn_vul.admin role for Vulnerability Response administration and configuration including vulnerability integrations, vulnerability group rules, calculators, and time-to-remediate rules.
   • Assign the sn_vul_vulnerability_write role for the creation and update of vulnerability groups and vulnerable items.
     Note: All other users automatically receive Write access only to vulnerability groups that are assigned to them.
   • Assign the sn_vul_vulnerability_read role to view vulnerability groups, vulnerable items, and other vulnerability information.
     Note: Users with the itil role are automatically granted the sn_vul.remediation_owner role allowing them to see vulnerability groups and vulnerable items assigned to them, vulnerability entries, and, solutions in the Vulnerability Response application on their instance and in the ServiceNow Agent application. No additional assignment is needed.
4. Install third-party integration applications.
   • The Qualys Vulnerability Integration can be installed and completely configured in Setup Assistant.
   • Starting with v12.1 of Vulnerability Response, you can Install and configure the Vulnerability Response Integration with Tenable application using Setup Assistant.
   • See Supported applications and setup for Vulnerability Response and Vulnerability Response integrations for more information about applications that are supported by Vulnerability Response.
   • For more information about using setup assistant to install supported apps, see Install Vulnerability Response third-party applications using Setup Assistant.

Vulnerability Response Settings

Role required: sn_vul.vulnerability.admin or sn_vul.admin (deprecated), or admin

In Vulnerability Response Settings, the vulnerability administrator defines application-wide settings and defines rules for Vulnerability Response. Alternatively, the admin can perform these tasks.

1. Create Vulnerability Assignment Rules.

   Create rules that define the automatic assignment of vulnerability groups for remediation. At least one rule is shipped with the base system. See Vulnerability Response assignment rules overview for more information.

   Note:

   The reapply feature requires a baseline application of the rules. Once your rules are created, activate the Reapply all vulnerability assignment rules scheduled job to execute, at your convenience. Otherwise, you will be required to reapply all rules to all Open VIs prior to changing them.

   When the job is complete, set the Run field in the scheduled job to fit your environment. Depending on the number of active VIs you have, evaluating and updating them daily can have non-trivial performance impact. For larger environments, consider updating once a week or even once a month.

   Reapplying assignment rules does not regroup the vulnerable items.

2. Create Vulnerability Group Rules.

   Create rules that define the automatic creation of vulnerability groups for remediation. At least one rule, Vulnerability, is shipped with the base system. You can reapply the rules from the form or list view.

   • When a group rule is deleted, from the form or list view, you have the option to delete all Open groups created by that rule. Groups not in the Open state are excluded.
   • See CI Lookup rules for identifying configuration items from Vulnerability Response third-party vulnerability integrations for more information on creating rules for your environment.
   • See Understanding the Vulnerability Response application for more information on using Vulnerability Response to remediate vulnerabilities.
3. Create and enable Risk Calculators.

   Enable risk calculators that define how vulnerable items are scored for prioritization. Several risk calculators are shipped with the base system. See Vulnerability Response calculators and vulnerability calculator rules information on creating or editing risk calculators for your environment.

4. Create Remediation Target Rules.

   Create remediation target rules for categories of remediation. At least one rule is shipped with the base system. See Vulnerability Response remediation target rules for more information on creating rules for your environment.

Integration Configuration

Role required: sn_vul.vulnerability.admin or sn_vul.admin (deprecated), or admin

In the Integration Configuration section, configure, schedule, edit, and launch on-demand the following third-party vulnerability scanner integrations and solution providers for the Vulnerability Solution Management application.

• See Configure the Qualys Vulnerability Integration using Setup Assistant for more information about configuring the Qualys Vulnerability Integration.
• Starting with v12.1 of Vulnerability Response, configuration of the Tenable Vulnerability Integration is supported. See Configure the Tenable Vulnerability Integration using Setup Assistant.
• After you install the Vulnerability Solution Management application, the Solution Integrations option is displayed below Scanner Integrations. Click Solution Integrations to configure your installed vulnerability solution providers from this section of Setup Assistant. Starting with v10.3 of Vulnerability Response, the Red Hat Solution Integration is available.

  See Vulnerability Solution Management for more information about installed solutions. See Install the Solution Management for Vulnerability Response application for more information about installation.

  See Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant for more information about configuring your installed solutions.

• If an integration is multi-sourced, you can have multiple deployments of the same third-party integration.
• The settings from your original third-party integration are used as a template for the settings of each new integration.
  Note: If you delete the original vulnerability integration, you have to select another integration to use as your template. See Reassign the template integration for more information. Consider disabling the integration instead of deleting it. Integrations created from disabled templates are disabled by default.

  Data from each third-party integration is uniquely identified and available in a single instance of Vulnerability Response.

Additional tasks

See Additional Vulnerability Response setup tasks for more information on setup tasks not included in Setup Assistant.