Best Practice & Use Cases for implementing the Notifications for Vulnerability Response

Venkatesh-S
Kilo Contributor

Tuesday

Hi Everyone,

 

I am looking for some guidance on the best practices and most effective use cases for implementing Vulnerability Response notifications.
 
I understand that triggering notifications for every VIT (Vulnerable Item) creation or assignment is likely not the best approach, as it could strain instance resources when dealing with millions of items daily.
 
While I am already planning to include notifications for False Positive and Exception approvals, I was wondering if there are any other recommendations for notifications that would help manage the vulnerability lifecycle more efficiently?
 
I would appreciate any advice or insights you can share!
 
Thanks in advance
0 Helpfuls
  • 243 Views
3 REPLIES 3

Dave Winsor
Giga Expert

Tuesday

Agree on the volume of VIT notifications. We came to the same conclusion and turned off all automatic notifications. We opted to point people to a singular dashboard landing page with multiple tabs for various use cases and created scheduled reports for email notifications where needed.

0 Helpfuls

Martin Dewit
Kilo Sage

Tuesday

Agreed as well. There are no out of box notifications for VITs/VULs. There are for approvals and exceptions. However, there is the ITRO Digest; aka IT Remediation Owner digest. We have implemented this one. It is a weekly digest sent to every remediation owner with the progress from the last 7 days and any new vulnerabilities assigned to the team or individual.

 

Reference: https://www.servicenow.com/docs/r/security-management/vulnerability-manager-workspace/vr-ws-email-no... 

0 Helpfuls

Tanushree Maiti
Kilo Patron

Tuesday

Hi @Venkatesh-S 

 

Follow these servicenow Documentation:

Set up email notifications in the Vulnerability Response Workspaces 

Define Vulnerability Response email notifications 

Vulnerability Response release notes 

https://www.servicenow.com/community/developer-forum/best-practice-for-implementing-notifications-fo...

 

 

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls