NIST NVD entries into ServiceNow

Dipin · ‎03-18-2019

Hi All,

I would like to know about certain points for importing CVE's into ServiceNow through NIST NVD data base :

1) NVD data feeds table 'sn_vul_nvd_repo' shows Recent and Modified, what is the significance and difference between the entries stored in Recent and Modified

2) In the above table, the entries are segregated year wise, so on the onset of New year will be record be automatically created or we need to create record for new year manually and then give the appropriate NVD link to import the CVE's/vulnerabilities. What is the recommended approach ?

Thanks.

Regards,
Dipin

andy_ojha · ‎03-19-2019

Hi Dipin,

1) Per the NIST documentation:

"recent" feeds are a list of recently published vulnerabilities
"modified" feeds are a list of recently published and modified vulnerabilities
These feeds are updated approximately every two hours and reflect data from the past 8 days

https://nvd.nist.gov/vuln/data-feeds

2) You will need to configure a new entry for each year as time goes forward (e.g. 2019, 2020).

This is also true for Madrid where CVSS v3 support / integration was introduced.
This is referenced here in the docs:
- https://docs.servicenow.com/bundle/madrid-security-management/page/product/vulnerability-response/task/t_AddNVDDataFeeds.html

View solution in original post

andy_ojha · ‎03-19-2019

Hi Dipin,

1) Per the NIST documentation:

"recent" feeds are a list of recently published vulnerabilities
"modified" feeds are a list of recently published and modified vulnerabilities
These feeds are updated approximately every two hours and reflect data from the past 8 days

https://nvd.nist.gov/vuln/data-feeds

2) You will need to configure a new entry for each year as time goes forward (e.g. 2019, 2020).

This is also true for Madrid where CVSS v3 support / integration was introduced.
This is referenced here in the docs:
- https://docs.servicenow.com/bundle/madrid-security-management/page/product/vulnerability-response/task/t_AddNVDDataFeeds.html