Manually Import Vulnerability Data into Vulnerability Module

derocheb
Kilo Contributor

‎05-03-2017 08:50 AM

I'm currently evaluating the vulnerability response module in ServiceNow. Is there a way to manually import vulnerability data into ServiceNow to see how the filters will actually work without fully integrating with one of our vulnerability scanners.

Secondary question - How do I create a single rotating ticket per CMDB support group with the applicable vulnerability data?

Labels:
0 Helpfuls
  • 2,372 Views
10 REPLIES 10

Dave Smith1
ServiceNow Employee
ServiceNow Employee

‎05-03-2017 09:03 AM 

Brett Deroche wrote:


Is there a way to manually import vulnerability data into ServiceNow to see how the filters will actually work without fully integrating with one of our vulnerability scanners.

Yes - import sets. However, using those instead of the provided integrations may mean you could miss kicking off some workflows and other actions (like BRs) so I'm not sure if it's a valid test.



Brett Deroche wrote:

Secondary question - How do I create a single rotating ticket per CMDB support group with the applicable vulnerability data?

You'll probably want to look at Vulnerability Groups - each vulnerable item can become a member of a group (or two) and this group criteria can be used to auto-assign support groups.   From there, expect individuals within the support group to cherry-pick VITs to work on, in much the same way that incidents assigned to a group will have group members picking specific tasks to work upon.


Inactive_Us1587
Kilo Contributor
In response to Dave Smith1

‎03-07-2018 06:07 AM

Hi Dave,

 

 I am working on some similar type of requirement we have internal application analyzing all the vulnerabilities via Qualys and we receive an excel sheet which is manually sorted out from a team and then issues are mailed.

 

 I made a quick check with Import sets and with the Data enrichment mapping modules if you can please help me out if possible importing excel sheet in this Vulnerability Plugin and then processing this data to create Tickets (Vulnerable items kind of ) using assignment of Vulnerability Groups.Any possible way to implement this ?

 

 

Thanks in advance,

Panther

0 Helpfuls

SeanBarrett
ServiceNow Employee
ServiceNow Employee

‎05-03-2017 09:16 AM

Hi Brett.   Are you on Istanbul?



To address your second question first:   In Istanbul, there are 'vulnerability groups' that allow you to manage many instances of like vulnerabilities on multiple CIs (potentially) where the vulnerability remediation or exception policy may be common.   This grouping can be assigned to a single support group. Check out our docs on this: Vulnerability groups



As for manually importing vulnerability data, you can do so one time or on a scheduled basis a few different ways.   The most basic way is importing an excel/csv and transforming the data elements to their relative fields on the vulnerability tables.   I'm assuming these are found vulnerabilities extracted from your scanning utility?   You may be looking to import these directly the 'vulnerability item' table.   Check out the docs for this:   Import Sets key concepts



Hope this helps.
Sean


SeanBarrett
ServiceNow Employee
ServiceNow Employee
In response to SeanBarrett

‎05-03-2017 09:20 AM

Aaannnnddd Dave beat me to it


0 Helpfuls