Create a Vulnerability Response severity map

Vulnerability Response severity mapping transforms third-party source severity fields to recognizable fields in Vulnerability Response.

Before you begin

Role required: sn_vul.vulnerability_admin or sn_vul.admin (deprecated)

Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

About this task

Vulnerability Response ships with National Vulnerability Database (NVD) to normalized ServiceNow severity mapping. ServiceNow third-party integrations such as the Qualys Vulnerability Integration provide severity mappings upon installation. These maps can be adjusted by changing the fields in existing maps.

Creating or editing a severity map is intended only for customized or non-standard third-party mappings in your environment.

Procedure

  1. Navigate to All > Vulnerability Response > Administration > Normalized Severity Mapping.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Table 1. Field mapping
    Field Description
    Source The name of the source for the severity mapping.
    Source value The source severity value.
    Target value The target severity value. Choices are:
    • 1- Critical
    • 2 - High
    • 3 - Medium
    • 4 - Low
    • 5 - None
  4. Repeat Step 3 for each source severity level.
  5. Click Submit.