Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Security Operations
Table of Contents
Choose your release version
    Home Orlando Security Incident Management Security Operations Vulnerability Response Understanding the Vulnerability Response application Vulnerability Response vulnerable item detections from third-party integrations

    Vulnerability Response vulnerable item detections from third-party integrations

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Vulnerability Response vulnerable item detections from third-party integrations

    Starting with v10.0, view all of the information that is gathered by third-party scans in your Now Platform® instance. View the returned results of the scans on detection and vulnerable item (VI) records in your instance as these results are viewed on the scanners.

    Overview

    Starting with v10.0, the Vulnerability Response application supports third-party Integrations that retrieve vulnerable item data from your enterprise environment. Detailed data about detections, that is, single, distinct occurrences of vulnerabilities as reported by the scanners of your third-party integrations, are imported and displayed on both the detection and the vulnerable item records in your Now Platform instance.

    Prior to v10.0 vulnerable item detections, the relationship between a CI (asset) in your environment and an imported vulnerability from a third-party scanner created a unique vulnerable item in your Now Platform instance. Starting with v10.0, the granularity of the original data provided by the scanner is preserved. With detections, the detection data is paired with vulnerable items. During an ingestion, if a vulnerable item is not found, a new VI is created.

    Supported versions of Vulnerability Response

    Vulnerable item detections are supported by the Vulnerability Response application for v10.0 for the Madrid, New York, and Orlando family releases. For more information about installing or updating the Vulnerability Response application to v10.0, see Install and configure Vulnerability Response.

    Supported third-party integrations

    A supported third-party integration with your Vulnerability Response application is required for vulnerable item detections. Starting with v10.0, the following third-party integrations are supported by the Vulnerability Response application for vulnerable item detections:
    • Qualys Host Detection Integration
    • Rapid7 Data Warehouse:
      • Vulnerable Item Integration
      • Vulnerable Item Resolution Integration
    • Rapid7  Vulnerable Item Resolution Integration (InsightVM):
      • Insight VM integration
      • Vulnerable Item Integration - API

    These third-party integrations are available with a separate subscription from the ServiceNow Store. For more information about these integrations, see Vulnerability Response integrations and Security Operations and the ServiceNow Store for more information about obtaining entitlement.

    To verify that your third-party scanner is configured for import, see Install and configure the Rapid7 Integration for Security Operations application and Install the Qualys Vulnerability Integration.

    Key terms for vulnerable item detections

    Vulnerability
    Data about weaknesses in software, operating systems, and assets imported from internal and external sources. This data is imported and compared to existing assets (configuration items, CIs) listed in the CMDB.
    Vulnerable item
    A vulnerable item is created or updated when an imported vulnerability matches a CI in the CMDB.
    Detection
    A single, distinct occurrence of a vulnerability as reported by a scanner referred to as a Vulnerable Item Detection within the Now Platform environment. A detection includes enriched data about a vulnerability and any corresponding vulnerable items. This data is displayed on the Detection record (VID#) and the vulnerable item list view that includes the following details:
    • First found (data)
    • Last found (date)
    • DNS name
    • Net BIOSname
    • IP address
    • Port
    • Protocol
    • Proof
    • SSL
    • Times found
    Detection key
    A hashed combination of fields that provided a way to identify and tie a detection to a vulnerable item. It is composed of: vulnerability entry, port, protocol, discovered item, and proof.
    De dup
    The process used by the Vulnerability Response application of collapsing of individual detections into a single VI when the data meets certain hard-coded criteria.
    VI External ID
    The value stored in the External ID field of the VI table. This value is a hash comprised of the combination of keys within a VI that represents what makes it unique within the application. It is composed of a CI and a vulnerable entry.

    View detection data

    You view the data imported from vulnerable item detections on the VI record. For more information, see View Vulnerability Response vulnerable item detection data and Verify Vulnerability Response vulnerable item detection data on integration run (VINTRUN) records.

    Related concepts
    • Vulnerability Response personas and granular roles
    • Vulnerability Response assignment rules overview
    • Vulnerability Response groups and group rules overview
    • Vulnerability groups and group rules overview (Prior to v10.0)
    • Machine Learning solutions for Vulnerability Response
    • CI Lookup rules for identifying configuration items from Vulnerability Response third-party vulnerability integrations
    • Creating CIs for Vulnerability Response using the Identification and Reconciliation engine
    • Discovered Items overview
    • Vulnerability Response group and vulnerable item states
    • Vulnerability Response calculators and vulnerability calculator rules
    • Vulnerability Response remediation target rules
    • Vulnerability Solution Management
    • Exception Management overview
    • Exception rules overview
    • False Positive overview
    • Change management for Vulnerability Response
    • Software exposure assessment using ITAM Software Asset Management (SAM)
    • Domain separation and Vulnerability Response

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Vulnerability Response vulnerable item detections from third-party integrations

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Vulnerability Response vulnerable item detections from third-party integrations

      Starting with v10.0, view all of the information that is gathered by third-party scans in your Now Platform® instance. View the returned results of the scans on detection and vulnerable item (VI) records in your instance as these results are viewed on the scanners.

      Overview

      Starting with v10.0, the Vulnerability Response application supports third-party Integrations that retrieve vulnerable item data from your enterprise environment. Detailed data about detections, that is, single, distinct occurrences of vulnerabilities as reported by the scanners of your third-party integrations, are imported and displayed on both the detection and the vulnerable item records in your Now Platform instance.

      Prior to v10.0 vulnerable item detections, the relationship between a CI (asset) in your environment and an imported vulnerability from a third-party scanner created a unique vulnerable item in your Now Platform instance. Starting with v10.0, the granularity of the original data provided by the scanner is preserved. With detections, the detection data is paired with vulnerable items. During an ingestion, if a vulnerable item is not found, a new VI is created.

      Supported versions of Vulnerability Response

      Vulnerable item detections are supported by the Vulnerability Response application for v10.0 for the Madrid, New York, and Orlando family releases. For more information about installing or updating the Vulnerability Response application to v10.0, see Install and configure Vulnerability Response.

      Supported third-party integrations

      A supported third-party integration with your Vulnerability Response application is required for vulnerable item detections. Starting with v10.0, the following third-party integrations are supported by the Vulnerability Response application for vulnerable item detections:
      • Qualys Host Detection Integration
      • Rapid7 Data Warehouse:
        • Vulnerable Item Integration
        • Vulnerable Item Resolution Integration
      • Rapid7  Vulnerable Item Resolution Integration (InsightVM):
        • Insight VM integration
        • Vulnerable Item Integration - API

      These third-party integrations are available with a separate subscription from the ServiceNow Store. For more information about these integrations, see Vulnerability Response integrations and Security Operations and the ServiceNow Store for more information about obtaining entitlement.

      To verify that your third-party scanner is configured for import, see Install and configure the Rapid7 Integration for Security Operations application and Install the Qualys Vulnerability Integration.

      Key terms for vulnerable item detections

      Vulnerability
      Data about weaknesses in software, operating systems, and assets imported from internal and external sources. This data is imported and compared to existing assets (configuration items, CIs) listed in the CMDB.
      Vulnerable item
      A vulnerable item is created or updated when an imported vulnerability matches a CI in the CMDB.
      Detection
      A single, distinct occurrence of a vulnerability as reported by a scanner referred to as a Vulnerable Item Detection within the Now Platform environment. A detection includes enriched data about a vulnerability and any corresponding vulnerable items. This data is displayed on the Detection record (VID#) and the vulnerable item list view that includes the following details:
      • First found (data)
      • Last found (date)
      • DNS name
      • Net BIOSname
      • IP address
      • Port
      • Protocol
      • Proof
      • SSL
      • Times found
      Detection key
      A hashed combination of fields that provided a way to identify and tie a detection to a vulnerable item. It is composed of: vulnerability entry, port, protocol, discovered item, and proof.
      De dup
      The process used by the Vulnerability Response application of collapsing of individual detections into a single VI when the data meets certain hard-coded criteria.
      VI External ID
      The value stored in the External ID field of the VI table. This value is a hash comprised of the combination of keys within a VI that represents what makes it unique within the application. It is composed of a CI and a vulnerable entry.

      View detection data

      You view the data imported from vulnerable item detections on the VI record. For more information, see View Vulnerability Response vulnerable item detection data and Verify Vulnerability Response vulnerable item detection data on integration run (VINTRUN) records.

      Related concepts
      • Vulnerability Response personas and granular roles
      • Vulnerability Response assignment rules overview
      • Vulnerability Response groups and group rules overview
      • Vulnerability groups and group rules overview (Prior to v10.0)
      • Machine Learning solutions for Vulnerability Response
      • CI Lookup rules for identifying configuration items from Vulnerability Response third-party vulnerability integrations
      • Creating CIs for Vulnerability Response using the Identification and Reconciliation engine
      • Discovered Items overview
      • Vulnerability Response group and vulnerable item states
      • Vulnerability Response calculators and vulnerability calculator rules
      • Vulnerability Response remediation target rules
      • Vulnerability Solution Management
      • Exception Management overview
      • Exception rules overview
      • False Positive overview
      • Change management for Vulnerability Response
      • Software exposure assessment using ITAM Software Asset Management (SAM)
      • Domain separation and Vulnerability Response

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login