About Manual Intake of Vulnerability Information.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2025 04:21 AM
SeqOps-VR's vulnerability management provides an OOTB feature for manual capture of vulnerabilities.
Reference:
There are also three types of vulnerabilities: infrastructure vulnerabilities, application vulnerabilities, and container vulnerabilities.
The manual ingest feature above is written like a feature for infrastructure vulnerabilities, but is a feature for manual ingestion of vulnerabilities provided for application vulnerabilities and container vulnerabilities?
*For penetration testing of application vulnerabilities, the procedure was to register data from the form screen as shown below.
https://www.servicenow.com/docs/ja-JP/bundle/utah-security-management/page/product/vulnerability-app...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2025 12:52 AM
@Ohki_Yamamoto , I am seeking further clarification regarding the manual ingestion feature in vulnerability management, especially in the context of application vulnerabilities and container vulnerabilities. Could you provide the use cases for the manual ingestion of these vulnerability types.
Thanks,
Sarath S
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-10-2025 03:04 AM
@Ohki_Yamamoto There is tentative plan to have capability to Upload / Ingest Manual Intake of Vulnerability Information for application and container VR based on number of requests.
Some infrastructure vulnerability fields include IP, MAC address, FQDN, and more.
Can you please point out the fields ( like CVE, CWE, Created by, Impact, Resolution, URL, port) that you might want have in for Application vulnerability response and Container vulnerability response while manual Upload / Ingestion in servicenow
Thanks
Mirav T. Mehta
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-12-2025 06:35 AM
@MiravTMehta @Sarath S
Thank you very much.
Currently, we do not have specific requirements on what items should be manually imported for application vulnerabilities and container vulnerabilities.
I wanted to check if OOTB has the ability to manually import application vulnerabilities and container vulnerabilities, but I guess that means OOTB does not currently have it?
Do I have to manually create them from the form screen?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-12-2025 07:49 AM
We're actively working on this capability to ship OOTB based on current customer feedback. To ensure we address your specific needs, use cases and incorporate same, please do contact our Product Success team or your ServiceNow Champion.
Thanks
Mirav T. Mehta