The impact of healthy CMDB on the Vulnerability Response Management (VRM) in ServiceNow
One of the question you might get from your client while implementing Vulnerability Response in ServiceNow is that wondering how the CMDB could impact the VR management. Before answering the question it's good to look at how Vulnerability Response (VR) helps some of the team:
- The security teams: helps managing significant amounts of vulnerability data
- Operational teams: can easily perform actions to remediate vulnerabilities.
VR does this by integrating with third-party vulnerability tools like Qualys, Tenable, Rapid7 to mention some and brings identified vulnerabilities into ServiceNow. The ServiceNow workflow has string capabilities to manage and automate the vulnerability response process from there by saving time and resources.
The ServiceNow VR uses data from configuration items (CIs) in the ServiceNow CMDB to add
- Business context to vulnerabilities.
- Helps to prioritize and assign ownership for remediation of that vulnerability.
If that is the case how do you use CI lookup rules to ensure accuracy when matching CIs with vulnerabilities to get those benefits? If the vulnerability scanner finds a system that’s not yet in the CMDB, an extended CI is created that must then be reconciled and brought into the CMDB as a permanent CI. To make sure you’re not adding duplicate CIs to your CMDB (and adding extra work for yourself) during reconciliation, you can create and refine the CI lookup rules that define what fields have matching data in the CMDB.
You can use the following matching process to mitigate issues with duplicate CI creation:
To conclude it's beneficial and vital to have a healthy CMDB for effective and efficient Vulnerability management. Since CMDB and CI matching are key to the effectiveness of ServiceNow VR, it’s critical to properly populate your CMDB and keep your CMDB up to date and healthy.
Thanks,
Mohammed Kemal.
Click Helpful, if this help you in anyway and here 👇 is how you can Bookmark the article for future easy access.
