Home Paris Security Incident Management Security Operations Vulnerability Response Installation of Vulnerability Response and supported applications Optional Vulnerability Response setup tasks Configure the vulnerable item key

Configure the vulnerable item key

Configure the granularity of the vulnerable item (VI) key in the Vulnerability Response application to define what makes a vulnerable item (VI) in your organization.

Before you begin

Role required: admin

Starting with v10.3, persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

Key terms

Configuration item (CI): An existing asset listed on your CMDB.

Vulnerability: A record of a known vulnerability imported from the National Institute of Standards and Technology (NIST), National Vulnerability Database (NVD), Common Vulnerabilities and Exposures (CWE), or third-party integrations with Vulnerability Response.
Vulnerable item: A vulnerable item is created when an imported vulnerability matches a configuration item in your CMDB.
Detection: A single, distinct occurrence of a vulnerability as reported by the scanners of your third-party integrations. Detections are imported and displayed on both the detection and the vulnerable item records in your instance. Also referred to as a Vulnerable Item Detection.

By default, a vulnerable item is a unique combination of a configuration item (CI), a vulnerability, and an integration instance. To create vulnerable items with more granularity, add unique ports from vulnerable item detections to help you manage remediation of vulnerabilities at the level you feel is most effective for your organization.

If you want to create vulnerable items with more granularity, configure the vulnerable item key so that it includes port. When Include port is enabled, vulnerable items are created by unique ports from vulnerable item detections.

Choose an option from the following table to enable the Include port option.

Table 1. Three scenarios for enabling the Include port option with the VI key for the first time
If...	Description
One or more of the following conditions is true: You are upgrading from a version of Vulnerability Response prior to v10.0 that did not support vulnerable item detections. You are a new customer and you have no Vulnerability Response data (vulnerable items or vulnerable item detections) in your Now Platform® instance. You have already deleted all your vulnerable item records and related data in your instance and you are ready to build all your Vulnerability Response data starting with a fresh import to include VIs distinguished by unique port.	Enable Include Port. After Include port is enabled, imported detections create vulnerable items that include VIs distinguished by unique port starting with the next import.
Both conditions are true: You have v10.0 or later of Vulnerability Response and you have existing Vulnerability Response data (vulnerable items or vulnerable item detections) in your instance that you want to preserve. You want to start creating new vulnerable items to include VIs distinguished by unique port.	Enable Include port. Your existing detections and their associated vulnerable items will be preserved. After Include port is enabled, new detections create new vulnerable items that include VIs distinguished by unique port starting with the next import.
Both conditions are true: You have v10.0 or later of Vulnerability Response. You have existing Vulnerability Response data (vulnerable items or vulnerable item detections), but you do not want to preserve your existing data, because you prefer to build your vulnerability data starting from a fresh import and you want to include VIs distinguished by unique port.	Delete all your vulnerable item records and related data from your instance. Enable Include port. After Include port is enabled, new detections create new vulnerable items that include VIs distinguished by unique port starting with the next import.

Note:

If the Include port option is enabled, more than one vulnerable item may be created for a configuration item. For example, if a vulnerability exists for two ports on a configuration item, ports 80 and 443, two unique VIs are created, one for each port starting with the next import.

Note: Be sure you want to create VIs to include VIs by unique ports before you enable this feature. Once you enable the VI key to include port, you must first delete your Vulnerability Response data before you can disable Include port and return to importing vulnerability data using the default VI key granularity, that is, where VIs are created for port but not distinguished by a unique port. For more information about deleting your vulnerability data, See Delete all your vulnerable item records and related data in Vulnerability Response.

Procedure

Navigate to Vulnerability Response > Administration > Configure VI granularity.

The Last Updated field displays the date the VI key was last configured.
Click the Include Port check box to enable it.
Click Save.
The Confirmation dialog is displayed.
If you have no vulnerable item detection records in your instance, both vulnerable item detections and vulnerable items are created by unique port starting with your next import.
If you have existing vulnerable item detections and vulnerable items in your instance, existing detections and associated vulnerable items will be preserved. New detections create new vulnerable that include VIs distinguished by unique port starting with the next import.

What to do next

Verify vulnerable items by port are displayed on the vulnerable item detection and vulnerable item records. For more information, see View Vulnerability Response vulnerable item detection data.

Previous topic

Next topic

Release version

Configure the vulnerable item key

Configure the granularity of the vulnerable item (VI) key in the Vulnerability Response application to define what makes a vulnerable item (VI) in your organization.

Before you begin

Role required: admin

Key terms

Configuration item (CI): An existing asset listed on your CMDB.

Vulnerability: A record of a known vulnerability imported from the National Institute of Standards and Technology (NIST), National Vulnerability Database (NVD), Common Vulnerabilities and Exposures (CWE), or third-party integrations with Vulnerability Response.
Vulnerable item: A vulnerable item is created when an imported vulnerability matches a configuration item in your CMDB.
Detection: A single, distinct occurrence of a vulnerability as reported by the scanners of your third-party integrations. Detections are imported and displayed on both the detection and the vulnerable item records in your instance. Also referred to as a Vulnerable Item Detection.

Choose an option from the following table to enable the Include port option.

Table 1. Three scenarios for enabling the Include port option with the VI key for the first time
If...	Description
One or more of the following conditions is true: You are upgrading from a version of Vulnerability Response prior to v10.0 that did not support vulnerable item detections. You are a new customer and you have no Vulnerability Response data (vulnerable items or vulnerable item detections) in your Now Platform® instance. You have already deleted all your vulnerable item records and related data in your instance and you are ready to build all your Vulnerability Response data starting with a fresh import to include VIs distinguished by unique port.	Enable Include Port. After Include port is enabled, imported detections create vulnerable items that include VIs distinguished by unique port starting with the next import.
Both conditions are true: You have v10.0 or later of Vulnerability Response and you have existing Vulnerability Response data (vulnerable items or vulnerable item detections) in your instance that you want to preserve. You want to start creating new vulnerable items to include VIs distinguished by unique port.	Enable Include port. Your existing detections and their associated vulnerable items will be preserved. After Include port is enabled, new detections create new vulnerable items that include VIs distinguished by unique port starting with the next import.
Both conditions are true: You have v10.0 or later of Vulnerability Response. You have existing Vulnerability Response data (vulnerable items or vulnerable item detections), but you do not want to preserve your existing data, because you prefer to build your vulnerability data starting from a fresh import and you want to include VIs distinguished by unique port.	Delete all your vulnerable item records and related data from your instance. Enable Include port. After Include port is enabled, new detections create new vulnerable items that include VIs distinguished by unique port starting with the next import.

Note:

Procedure

Navigate to Vulnerability Response > Administration > Configure VI granularity.

The Last Updated field displays the date the VI key was last configured.
Click the Include Port check box to enable it.
Click Save.
The Confirmation dialog is displayed.
If you have no vulnerable item detection records in your instance, both vulnerable item detections and vulnerable items are created by unique port starting with your next import.
If you have existing vulnerable item detections and vulnerable items in your instance, existing detections and associated vulnerable items will be preserved. New detections create new vulnerable that include VIs distinguished by unique port starting with the next import.

What to do next

Verify vulnerable items by port are displayed on the vulnerable item detection and vulnerable item records. For more information, see View Vulnerability Response vulnerable item detection data.

How search works:

Topics are ranked in search results by how closely they match your search terms

Configure the vulnerable item key

Configure the vulnerable item key

On this page

Configure the vulnerable item key

Configure the vulnerable item key

Log in to personalize your search results and subscribe to topics