Best solution for VITs with multiple locations of vulnerabilities

PJS_DFS
Tera Contributor

We have various VITs, like for QID-106032 (Apache Log4j 1.X Detected), where in the results there are a dozen or two locations of Log4j jar files.  In these instances, each of those locations in owned by a separate application team.

 

Is there a way to maybe use remediation tasks or another mechanism to assign a VIT to multiple teams at once?  OR is ServiceNow limited to ONE VIT to ONE Team?

 

Looking for any help I can use to assist our remediation teams.

Thanks!

2 REPLIES 2

Martin Dewit
Kilo Sage

At this time I don't think the Qualys integration supports multi-proof detections. Each scanner integration has its own detection key configurations. See "Key terms for vulnerable item detections" here: https://docs.servicenow.com/csh?topicname=vr_host_detections.html&version=latest 

Thanks!  That is what I keep running into in all the docs I have seen.  Seems Rapid7 has two more detections keys than the other major integrations.  Just wondering how others have overcome this...