Your vulnerability management program tracks CVEs. Your scanners find them, your analysts prioritise them, your remediation owners patch them. But what about the misconfiguration that made three of those CVEs exploitable in the first place? An ove...
What this integration brings into ServiceNow With a single install, the integration covers three core AWS security scenarios: Host and Lambda vulnerabilities from AWS Inspector & Security Hub flow into Vulnerable Items (VITs) in USEM Vulnerability Re...
We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
ServiceNow training and certification sets you and your business up for success, which is why it’s critical to make training an essential part of your ServiceNow program. By building the right skills, you can deliver more value more quickly, increase...
If you're planning to attempt the ServiceNow CIS‑VR (Vulnerability Response) certification, the right preparation strategy makes all the difference. Based on my experience, a structured + smart revision approach works best. Here’s how you can efficie...
ServiceNow's Security & Risk Customer Community Event: Nexus Security & Risk As AI reshapes the security and risk landscape, staying connected with the community tackling these challenges has never been more important. We'd like to invite our Servi...
The "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. One of the most requested topics by customers via our customer voice questionnaire is VR Integrations, and as a result, we conducted a recommended...
Today's cloud security teams handle large volumes of exposure findings every day, where most of the noise drowns out the few items that genuinely need immediate action. The data is there, the tools are there. What's short is time, and time runs even ...
As you explore USEM (VR v30x), either as an existing customer that has recently migrated or as a brand new customer starting your journey, you will need to make a plan for managing and promoting your configurations (aka USEM rules) between Service...
ServiceNow is excited to announce the release of the ServiceNow Store Application “Vulnerability Response Integration with Wiz”, scheduled for general availability on July 31, 2025. This is a brand-new Store App integration – built, managed and sup...
USEM Reference Guide: What's Changing for Exception Approver Personas If you’re wondering what's changing for Exception Approvers with your upgrade to Vulnerability Response v30x, the reimagined VR experience Unified Security Exposure Management...
Overview When accessing the On-Call Notification Preferences section inside the Security Incident Response (SIR) Workspace, users may encounter two related issues: The "Edit" button does not open the expected modal/popup for editing delivery channels...
When working in the Security Incident Response (SIR) Workspace, users who create a new Shift Handover record may encounter a situation where clicking the declarative action button "Change to In Progress State" has no effect — the state remains as Dra...
Your vulnerability management program tracks CVEs. Your scanners find them, your analysts prioritise them, your remediation owners patch them. But what about the misconfiguration that made three of those CVEs exploitable in the first place? An ove...
What this integration brings into ServiceNow With a single install, the integration covers three core AWS security scenarios: Host and Lambda vulnerabilities from AWS Inspector & Security Hub flow into Vulnerable Items (VITs) in USEM Vulnerability Re...
We are excited to announce the general availability of the Microsoft Defender Incident ingestion integration with ServiceNow Security Incident Response (SIR). This integration brings unified, bi-directional alert and incident synchronization between ...
Are you attending Knowledge 26 in Las Vegas May 5-7? This year's Knowledge is a milestone moment for the Security & Risk portfolio with a number of exciting announcements and showcases. Expand your Security knowledge by joining sessions, hands-on lab...
The Problem When configuring the native Microsoft Defender connector in ServiceNow SIR, the connection test fails with an authorization error — even when the required API permissions appear to be configured in Azure. Root Cause The permissions were ...
USEM Reference Guide - What's Changing for IT Remediation Owner Personas If you've recently upgraded to Vulnerability Response v30x with USEM functionality, your IT Remediation Owners may be asking: "Why do I now see three different places to do...
USEM Launch Details USEM - Unified Security Exposure Management - is the next evolution of Vulnerability Response (VR) USEM features are made available in Vulnerability Response v30x Vulnerability Response v30x was officially launched and released...
Thank you to everyone who has been joining our Unified Security Exposure Management (USEM) Office Hours. Below you'll find a summary of the top frequently asked questions and answers curated from our USEM Office Hours series. We've also attached the ...
Our "Success with Vulnerability Response" series of recommended practices deep-dive webinars continues. We recommend all Vulnerability Management programs have an approved exception process, to maintain compliance with company policies. ServiceNow p...
Join us May 5–7 in Las Vegas for Knowledge 2026, where you can speak with members of the ServiceNow Security Organization. We’ll be at the Knowledge Expo (Venetian Expo, Level 2) all three days, plus you can check out the Now on Now sessions below to...
Overview: With the ingestion of many different assets from many different scanners, we may run across the situation where we have items in the “unmanaged” ci class tables of Unclassed hardware [cmdb_ci_unclassed_hardware], Incomplete IP Identified De...
Sarah Wood
ServiceNow
LisaLatour
Eric Feron
Mary Hain
seanflack
Steph Morillo
