Discovered items and related vulnerability items are getting created for unknown classes?

sai yaswanth ku
Giga Expert

how to stop creating discovered items for unwanted classes so that it does not create vulnerable items related to that? or how to stop vulnerable items getting created for particular classes of discovered items?

for example:

some xyz configuration item/discovered item is greating created in servicenow with respective classes
incomplete ip identified device

unclassed hardware

unmatched ci

But security teams do not want vulnerable items getting created for those configuration items/discovered items.
@joe_harvey #vulnerabilityresponse #secops #sandiego

3 REPLIES 3

Shivam Sarawagi
ServiceNow Employee
ServiceNow Employee

Hi,

 

You might have to then customize the script include which is parsing the payload and also script include ImportHost to do nothing if you don't find any match via CI lookup rules. I am not sure which integration you talking about here.

This is regarding Vulnerability Response integration API

ersureshbe
Giga Sage
Giga Sage

Hi, if you want to stop the CI creation you should understand the source of CI creation. I assume your assignment is having discovery, SCCM , Manual Feed or Integration to create / update the CIs. You should limit the CI creation of specified classes in the mentioned options. No need to change anything under vulnerable codes.

Regards,

Suresh.

Regards,
Suresh.