Third-party entry in vulnerability response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2024 02:45 PM
There are list of third-party entry records pulled from tenable as scanner but could not able to find any vulnerable items related to those third-party entry records. since third-party records will be populated only if a vulnerability is found in the infrastructure but no vulnerable items are found?
- Labels:
-
Vulnerability Response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-25-2024 12:22 PM - edited ‎03-25-2024 12:23 PM
The third-party entry table holds all plugins (Tenable's reference to the vulnerabilities the scanner is looking for)not just those which have had a finding in the infrastructure. However, if based on integration schedules, a new vulnerability finding on a CI is discovered that hasn't been populated in the Third Party Entry table, a stump record will be created in the Third party entry table, so the VI can be created. The details of the Third Party Entry record build out with the next integration run that loads the Third Party table.
Some details from docs: https://docs.servicenow.com/bundle/washingtondc-security-management/page/product/secops-integration-...