Microsoft Threat & Vulnerability Management (TVM) vulnerabilities filtering

_imon S_kora
Tera Contributor
Hello,
 
We would like to filter vulnerabilities incoming from the Microsoft Threat & Vulnerability Management integration. Right now, we don't see any option to limit this and we are getting all the vulnerabilities. We want to limit it only to get priorities 1 and 2.
 
The workaround coud be to limit it in the transformation script, but that could of course cause an issue in future while updating the plugin and is not that easy to maintain. Also, it will still pull all the data and just not process them so we will not decrease the data load.
 
Does anyone have any experience with this problem? Is there some option to filter it without hardcoding it?
 
Thank you,
Simon
2 REPLIES 2

Shivam Sarawagi
ServiceNow Employee
ServiceNow Employee

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1573367

Currently, you would have to maintain those customizations. You can also try creating some system property and put the condition in that.

Our solution was to create a sys property where we state which severities we want to process. Then in the transformation script we check the sys property values with the vulnerabilities that are about to be created and stop the creation if the severity does not match.