VR - Vulnerabilities for AWS resources that do not support scanners installed on them.

dan167 · ‎08-08-2025

How is everyone getting vulnerabilities into ServiceNow for resources that do not support a scanner being installed on them? We have scanners like tanium, tenable, microsoft tvm.

Looking at using the AWS Connector to bring over security findings but this does not integrate with VR just ITSM.

Trying to look at options before we try to setup something custom.

kenmcneil · ‎08-08-2025

We use Wiz for vulnerabilities and have connected It to SN, allowing us to create tickets for those vulnerabilities. We are looking to use the AWS SGC to import CIs that can be used in the tickets that Wiz creates.

dan167 · ‎08-08-2025

I don't think we are license for container VR. Just App and Host.

william_tran · ‎08-08-2025

Hey Dan,

Unfortunately, I don't believe there is an OOTB integration with AWS Security Hub to pull in Security Findings from AWS directly into VR.

If I check out the ServiceNow Store, we have an integration with AWS Security Hub with SIR, and there is another integration for AWS Security Hub that plugs into ITSM.
SIR: https://store.servicenow.com/store/app/d049a7ae1be06a50a85b16db234bcb7f
ITSM: https://store.servicenow.com/store/app/92a738321b4a2250c43e65b2604bcb4f

I'd recommend submitting a request on the idea portal (Link) to ensure that the Product team is aware that there is interest in this type of VR integration.

Best,

William

dan167 · ‎08-08-2025

thanks I have created the idea. AWS Service Management Connector is the plugin we are thinking about using at the moment as it brings over CMDB data and security hub findings. I will need to think of a way to get them into VR tables though.