February Store Releases and Updates

Vulnerability Response

Version 13.0.3

Available on: Quebec, Paris, Orlando

New Features:

Reapply CI Lookup Rules: If you change your CI lookup rules, reapply them on-demand to reconcile selected discovered items with the CMDB, without having to reimport all the asset data.

Vulnerability Response Integration with NVD: The integration with the NIST National Vulnerability Database (NVD) now imports both CVE and CPE information to better understand your vulnerability exposure. This integration uses the latest NIST JSON API, and is available as a separate store app. 

Security Champion Overview: In Application Vulnerability Response, Security champions can now gain insight into their organization’s vulnerability exposure and security posture on the Security Champion Overview dashboard by viewing results for scanned applications.

Service Classifications for Performance Analytics: Configure the kinds of service CIs to include in business scorecard reports.

CISO Dashboard: New dashboard provides executives with Key Performance Metrics (KPIs), areas that have the highest risk, and reports along with recommendations for lowering risk.

Enhancements:

Case Sensitive Condition Builder: Choose if you want to use case-sensitivity for search criteria you enter in the Conditions builder used for assignment rules, group rules, remediation target rules, and other forms. By default, the text you enter for filter conditions is not case-sensitive.

Configuration Compliance (v12.0.1)

New Features:

Remediation Status metrics: New Remediation status tabs on the test result group, compliance test, and policy records display status metrics for assets and policies that are out of compliance in your environment. Data is updated daily by a scheduled job.

Enhanced Change management: Create pre-populated change requests of varying types (emergency, standard, or normal), with test result remediation details automatically populated. For standard type changes, apply standard change templates. Test result groups are automatically resolved after change requests are implemented.

Reapply CI Lookup Rules: If you change your lookup rules, reapply them on-demand to reconcile selected discovered items with the CMDB, without having to reimport all the asset data.

Enhancements:

Case Sensitive Condition Builder: Choose if you want to use case-sensitivity for search criteria you enter in the Conditions builder used for assignment rules, group rules, remediation target rules, and other forms. By default, the text you enter for filter conditions is not case-sensitive.

Qualys Integration for Security Operations (v12.0.0)

Enhancements:

Enhanced Rescans: Introduced the ability to initiate scans from the vulnerability group, vulnerable item, third-party entry, and discovered item records. After the scan completes, view the Qualys scan results on the vulnerability scan record, any vulnerable items that were updated by the scan, and details for any assets that were not reached during scans.

Vulnerability managers can restrict rescans, by specifying that rescans for resolved items are available within certain time windows, or can only start at certain times.

Vulnerability Response Integration with Tenable (v2.1.1)

Enhancements:

CI Lookup Rule: With this enhancement, identify the assets across your environment that have the same IP Addresses and update the associated CIs

Tenable.sc Rescan: Initiate a tenable.sc rescan from discovered item records, and view IP addresses for assets not accessed during the scan on Tenable Vulnerability Scan records.

Rapid7 Integration for Security Operations (v12.0.1)

New Features:

Site Integration: Introduced “Rapid7 Site integration API” integration which ingests Sites data from Rapid7 Insight VM.

For Fixed and Removed, see full Release Notes on the ServiceNow Docs:

Vulnerability Response v13.0.3