Vulnerability Groups & Vulnerable Items

derocheb
Kilo Contributor

‎05-16-2017 08:41 AM

Good Morning,

I'm looking at the feasibility/usability of integrating a vulnerability scanner w/the SecOps module of ServiceNow. When creating a vulnerability group per vulnerability per support group, will the vulnerable items still show up in the respective support group's queue?

I'm also open to hearing how y'all are integrating a vulnerability scanner and disseminating the vulnerabilities to the asset owners.

Labels:
0 Helpfuls
  • 1,184 Views
5 REPLIES 5

derocheb
Kilo Contributor
In response to tstocking

‎04-13-2018 12:50 PM

The CMDB already had that information populated, so it was fairly easy in terms of reporting after that. If you don't have that type of information already in the CMDB, it's going to be a long road forward for this integration. Any support groups that you'd use would be static and wouldn't scale well. I can't envision a way to leverage the data brought in by the integration in an efficient manner if the support groups aren't already populated. Anything you configure statically, will likely change in the next year and will require a manual configuration change each and every time.