Third Party Vulnerability Management Integration - Trend Micro, Holm Security, Microsoft Defender

anithanarayan · ‎08-04-2024

Hi Team,

Currently working with a customer for SecOps VR implementation. SIR is not implemented and not a purchased mdule as of now. The Vulnerability scanner details shared are as below along with the available integrations.

1. Trend Micro - Incident Integration is available -

https://www.youtube.com/watch?v=SmKQG1patVA

2. Holm Security - Incident Integration - https://support.holmsecurity.com/knowledge/how-do-i-setup-integration-with-servicenow

Question - What is the solution for VR integration ? Is a custom integration recommended. How simple/Complex is custom integration development ? Has it been done anywhere, please share details.

3. Microsoft Defender - Store Integration found for Microsoft Defender Threat and Vulnerability Management (MS TVM) - https://store.servicenow.com/sn_appstore_store.do#!/store/application/3aa063f90e31201021b86bb11fc55e...

Question - Is this the right integration I am looking at. I do not see any other OOTB integration for Vulnerability Management with Microsoft Defender. Should I ask the customer for the exact product of Microsoft Defender they are using ?

Any details and help around finding answers will be very helpful.

Thank You.

Anitha

Eliz Skogquist · ‎08-05-2024

Hi Anitha,

1. From review the Store.servicenow.com details, it appears the Trend Micro solution integrates with ITSM.

2. Holm security vulnerability scanning findings, would feed into VR for automation via a custom built integration. The ServiceNow docs sight highlights building one to align with the design used by our engineers, to allow you a means to control parallel processing with your integration loads. Read more here: https://docs.servicenow.com/bundle/washingtondc-security-management/page/product/vulnerability-respo...

3. What you highlighted is the integration plugin for Microsoft TVM data coming into VR.

Hope this helps!