Who needs to be in the room for a Vulnerability Response Workshop
You need the right people in the room to have an effective Vulnerability Response (VR) Management deployment from the beginning. It is critical that key resources and owners of business processes be informed and engaged in understanding the impact VR will have on their work and provide meaningful guidance for the business as a whole. Getting everyone involved early and with a clear shared mission
Key resources:
- ServiceNow platform team – The ServiceNow platform team will own and maintain ServiceNow VR. Some organizations elect a member or members from the vulnerability response team to own the VR administration duties.
- Vulnerability Response technical administrators – These administrators are responsible for the administration and configuration of ServiceNow VR and third-party vulnerability response applications (like Qualys, Rapid7, and Tenable).
- Vulnerability Response business process owner – This person is responsible for vulnerability response policies and procedures.
- Vulnerability Response analysts – Conduct day-to-day vulnerability response activities, such as assigning remediation activities, tracking remediation progress, and acting as an escalation point for remediation teams.
- Remediation teams – These teams handle the remediation activities, like patching, on identified vulnerabilities.
- Exception team – Manage exceptions to the process-related vulnerability remediation activities that need to be differed.
- Change Management team – Provides critical support for the remediation team when working through the change management process to perform remediation.
- ServiceNow Configuration Management Database (CMDB) team – Provides expertise on the setup and maintenance of your ServiceNow CMDB for integration with ServiceNow VR.
- CISO (or CSO) – Frequently acts as the executive sponsor and must support the implementation for it to be successful. Keep posted on progress but not required for the workshop.
For further preparation, see the Vulnerability Response Process Workshop and Vulnerability Response Kickoff presentations on NowCreate.
