Scanned Applications for AVR GitHub Vulnerability integration

Joanna17
Tera Contributor

‎08-21-2024 03:38 AM - edited ‎08-21-2024 03:39 AM

Hi,

 

Can someone explain the concept of the Scanned Applications within the Application Vulnerability Response module? (or even better - how it can be used in the GitHub integration)

Is the purpose of it similar to the Discovered Items in the Vulnerability Response? 

 

Searched through the docs, but haven't found anything that would explain this concept.

 

Thank you!

 

Labels:
0 Helpfuls
  • 819 Views
2 REPLIES 2

andy_ojha
ServiceNow Employee
ServiceNow Employee

‎08-22-2024 08:28 AM

Hey there,

 

You are correct - the `Scanned Applications` within Application Vulnerability Response, follows the same idea/framework of Discovered Items in Vulnerability Response.

 

Do you have access to the ServiceNow Support Portal?
 - This KB Article (available to customers with a Support login) has a great overview of how the Applications brought in from AVR scanners, are handled in SecOps AVR and tie-in's with CMDB.
 - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1646006

 

Additional details:
 - This system property is notable for AVR -> [sn_vul.use_product_model]
 - This will determine the path for handling Applications brought in from AVR scanners, in terms of whether to use CSDM Product Models vs traditional CIs and CI Lookup Rules 
 - https://docs.servicenow.com/bundle/xanadu-security-management/page/product/vulnerability-app-vuln-mg...

 

For GitHub code scanning imports, the repos are treated like an Application in SecOps AVR - and visible on the `Scanned Application` table 

 - https://docs.servicenow.com/bundle/xanadu-security-management/page/product/secops-integration-vr/git...

 

 

hari969999
Tera Contributor

‎10-16-2024 08:24 AM

hi i need guidance on the following,  Creating OAuth 2.0 credentials for GitHub Apps - JWT for the GitHub Application Vulnerability Integration

0 Helpfuls