Which is eligible place in servicenow for onboarding responsible disclosures.

prasanna11
Mega Guru

We are looking to onboard responsible disclosures to be created as a request in servicenow.  Which is the right place to put this in servicenow. 

 

Can it be put into vulnerability management app. OR security incident request table (sn_si_request) ? If anyone has onboarded responsible disclosures into servicenow, please share your expertise.

 

#vulnerability #security #sir 

1 REPLY 1

Mark Manders
Mega Patron

I haven't done it before, but it sounds more like vulnerability management than a real security incident, depending on your business of course. 

To let people tell you, you have a possible issue does not (yet) belong in a security incident (when the vulnerability is exploited). 

An 'if you don't close that gap in your code, I could steal all your money' is a little bit different than 'thanks for having this whole in you code, I now have all your money'.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark