Best solution for VITs with multiple locations of vulnerabilities
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2024 06:01 AM
We have various VITs, like for QID-106032 (Apache Log4j 1.X Detected), where in the results there are a dozen or two locations of Log4j jar files. In these instances, each of those locations in owned by a separate application team.
Is there a way to maybe use remediation tasks or another mechanism to assign a VIT to multiple teams at once? OR is ServiceNow limited to ONE VIT to ONE Team?
Looking for any help I can use to assist our remediation teams.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2024 05:01 AM
At this time I don't think the Qualys integration supports multi-proof detections. Each scanner integration has its own detection key configurations. See "Key terms for vulnerable item detections" here: https://docs.servicenow.com/csh?topicname=vr_host_detections.html&version=latest
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2024 05:34 AM
Thanks! That is what I keep running into in all the docs I have seen. Seems Rapid7 has two more detections keys than the other major integrations. Just wondering how others have overcome this...