Vulnerability Group Rule fields

Alex248
Mega Expert

‎06-07-2018 06:57 AM

Hello!

I've install Vulnerability response module on my dev instance and trying to understang how it works in Kingston version.

The documentation says that Vulnerability Group role has additional sections: Group by and Assignment. But in fact I see only small part of requiremented fields.

find_real_file.png

Can somebody explain me why these tabs unavailable and how can I fix it?

 

Labels:
Preview file
60 KB
0 Helpfuls
  • 1,625 Views
5 REPLIES 5

Ravi135
ServiceNow Employee
ServiceNow Employee

‎06-07-2018 11:27 PM

Kingston has Group by ( Key1, Key2, Key 3) and Assignment ( Assign by - Assignment Group,Assignment Group Field,Assignment Rule).

 

find_real_file.png

Preview file
265 KB
0 Helpfuls

Dave Smith1
ServiceNow Employee
ServiceNow Employee

‎06-08-2018 12:22 AM

Have you attended any SecOps training at all?

Self-taught via documentation and experimentation is an admirable approach, but if you're looking to deploy and support this tool into a production instance, I really would recommend a more formal training programme. 

Given this is an application that can support and maintain the security posture of an organisation, there's quite a lot of risk weighing heavily upon a job done right.

As a query.. do you want to create Vulnerability Group Rules or Vulnerability Groups...?

0 Helpfuls

Alex248
Mega Expert

‎06-08-2018 01:10 AM

Hi, Dave
No, I haven't. In fact I am newer in SecOps and I am trying figure out it myself with ServiceNow documentation. 
 
My aim is automatically  to create Vulnerability groups by vulnerabilities/owners and automatically assign it to the responsible groups.  According to the documentation I should use Vulnerability Group Rules and fields Group by and Assignment should to be.
But in fact my instance doesn't contain them and I want figure out why it happend.
0 Helpfuls

Dave Smith1
ServiceNow Employee
ServiceNow Employee

‎06-14-2018 08:58 AM

That's how Vulnerability Group Rules work... but they add the VIT to a group when a VIT is opened (created or re-opened).

If you already have a number of VITs, you can manually create a group and specify some grouping criteria that will act upon the existing VITs but not upon newly-created ones.

"But in fact my instance doesn't contain them and I want figure out why it happend." - what's the "them" here?

Do you have a vulnerability scanner at all?

0 Helpfuls