
Administrator
Options
- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
10-17-2024 11:23 AM - edited 05-30-2025 12:04 PM
Resource Library: Unified attack surface management
Product Areas:
General Topics (A-Z):
Solutions, Features & Descriptions
- Vulnerability Response (VR) aims to guide Vulnerability Analysts and IT Remediation Owner stakeholders in effectively managing vulnerabilities identified within their environment, including increased collaboration, automated assignment, workflow-driven remediation tasks, and a business service context-aware risk scoring.
- Application Vulnerability Response (AVR) is a solution that handles vulnerabilities that arise through in-house application development operations. Application Vulnerability scanners can find security flaws in code written during build (SAST), in open-source libraries included in a software's dependencies composition (SCA), or in application behavior at runtime (DAST).
- Container Vulnerability Response (CVR) is the solution for scanning for security vulnerabilities in containerized applications and working with Application Owners and DevOps Engineers to make the changes to container images required to fix the vulnerabilities found.
- Configuration Compliance (CC) is a Secure Configuration Assessment (SCA) application that aggregates scan results from integrations with third-party configuration scanning applications.
- Security Posture Control (SPC) provides a single place to view security tool protection status and vulnerability scan coverage for cloud and infrastructure assets, allowing security teams to spot high-risk combinations and improve their security posture.
- Software Bill of Materials (SBOM) enables organizations to ingest SBOMs, view the open source and third-party software components that are being used in their application development, assess the present risk, and respond to reduce the overall risk to the attack surface.
- Software Exposure Assessment enables Security Teams to leverage data from their ServiceNow Platform Software Asset Management (SAM) application to assess their potential risk exposure based on having certain software deployed in their environment.
- The Unified Vulnerability Response and Attack Surface Dashboard is a single place to view aggregated attack surface data for all assets across an organization, providing visibility into business-critical assets, vulnerabilities, and remediation efforts to drive risk prioritization.
- The Vulnerability Response Health Dashboard highlights the areas of an organization's VR implementation (including AVR, CC, and CVR) that need improvement and provides recommendations on how to remediate identified issues.
- Penetration Testing Management in AVR can request, schedule, and execute penetration testing engagements for applications.
- Patch Orchestration enables you to manage patches and patch deployments for critical vulnerabilities for large groups of your assets with integrations in VR.