Vulnerabilities database import

Marco26 · ‎04-07-2022

Hello,

We are working on an SecOps Vulnerability Response opportunity where customers is looking for to import vulnerability entries from following sources:

What is the best way to do it?

Thx,

Marco

Stephen Laseau · ‎04-07-2022

Not sure I understand your question, but to bring in both a vulnerability definition database and instances of vulnerabilities on assets, the customer must implement a vulnerability scanner such as Qualys, Tenable or Rapid7.

Marco26 · ‎04-07-2022

Thanks Stephen. Is it possible to import vulnerability definition database without activating a scanner?

Stephen Laseau · ‎04-07-2022

Yes, the vulnerability response application has a built-in integration with NIST. You should find the integration at Vulnerability Response > Administration > Integrations. Here you will see integration for NIST National Vulnerability Database Integration. This is where you activate/deactivate. Do not change in any other way.

You can read up on this on docs site. Be sure to select the correct SN app version.

https://docs.servicenow.com/bundle/rome-security-management/page/product/secops-integration-vr/nvd/concept/nvd-vuln-integration.html

Gary22 · ‎04-26-2022

hi @Stephen Laseau @Chris McDevitt

I have a query . I imported vulnerabilities from an external source (say McAfee ) . Once i have the vulnerabilities imported (sn_vul_entry) , i create the vulnerable item record in the sn_vul_vulnerable_item table .

My question is , what role does the NVD play here . Will Servicenow check the vulnerability in the NVD table (sn_vul_nvd_entry) before creating the vul item ? whats the role of NVD database when i import vulnerabilities from an external source .