The Vulnerability Response Integration with Claroty Continuous Threat Detection (CTD) uses vulnerability data imported from Claroty CTD to enable risk-based action within the production process.

Use this Vulnerability Response Integration with the ServiceNow® Operational Technology Vulnerability Response application to track, prioritize, and resolve vulnerabilities on the devices used in the production process.

The following image shows the process for the Vulnerability Response Integration with Claroty CTD.

Figure 1. Process for the Vulnerability Response Integration with Claroty CTD

Before you run the Vulnerability Response Integration with Claroty CTD, you must run the National Vulnerability Database (NVD) integration. The NVD integration fetches published Common Vulnerabilities and Exposures (CVEs) from the NVD and populates them in ServiceNow. Then, when you run the Vulnerability Response Integration with Claroty CTD application, it identifies the vulnerabilities for each device and creates vulnerable items (VITs).

Each VIT has a relationship with an Operational Technology (OT) device, or Configuration Item (CI), and the vulnerability that's detected. The vulnerability integration framework establishes a connection with the Claroty Enterprise Management Console (EMC) and pulls the vulnerabilities for all OT devices.

Note: The Claroty CTD EMC platform insights API has a limitation of 10 CVEs. Therefore, only 10 CVEs are provided to ServiceNow by Claroty. However, the xDome platform doesn't have this limitation.

Key features

  • Import common vulnerabilities and exposures (CVEs) associated with Operational Technology (OT) devices from Claroty CTD. Create vulnerable items (VITs) to provide a single view of OT device vulnerability data and how it affects the production process.
  • Run imports of newly detected vulnerabilities automatically on your own schedule.
  • Use assignment rules to route VITs automatically for remediation to local site-based teams that can take risk-based actions.