Vulnerabilities database import

Marco26
Kilo Contributor

Hello,

We are working on an SecOps Vulnerability Response opportunity where customers is looking for to import vulnerability entries from following sources:

find_real_file.png

What is the best way to do it? 

Thx,

Marco

11 REPLIES 11

Stephen Laseau
Kilo Guru

Not sure I understand your question, but to bring in both a vulnerability definition database and instances of vulnerabilities on assets, the customer must implement a vulnerability scanner such as Qualys, Tenable or Rapid7.

Thanks Stephen. Is it possible to import vulnerability definition database without activating a scanner?

Yes, the vulnerability response application has a built-in integration with NIST.  You should find the integration at Vulnerability Response > Administration > Integrations.  Here you will see integration for NIST National Vulnerability Database Integration.  This is where you activate/deactivate.  Do not change in any other way.

You can read up on this on docs site.  Be sure to select the correct SN app version.

https://docs.servicenow.com/bundle/rome-security-management/page/product/secops-integration-vr/nvd/concept/nvd-vuln-integration.html

hi @Stephen Laseau  @Chris McDevitt 

I have a query . I imported vulnerabilities from an external source  (say McAfee ) . Once i have the vulnerabilities imported (sn_vul_entry) , i create the vulnerable item record in the sn_vul_vulnerable_item table  .

 

My question is , what role does the NVD play here . Will Servicenow check the vulnerability in the NVD table (sn_vul_nvd_entry) before creating the vul item ? whats the role of NVD database when i import vulnerabilities from an external source .