Configuration Compliance release notes

  • Release version: Yokohama
  • Updated September 29, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configuration Compliance release notes

    The ServiceNow® Configuration Compliance application helps you quickly identify, prioritize, and remediate critical configuration-related vulnerabilities within your IT environment. The Yokohama release introduces enhancements that improve manual remediation task creation, integration with Wiz vulnerability data, and visibility into risk score changes. This release focuses on enabling efficient vulnerability management and compliance workflows through enhanced integrations and workspace capabilities.

    Show full answer Show less

    Key Features

    • Manual Remediation Task Creation:
      • Users with the snvulc.admin role can manually create remediation tasks in the Vulnerability Manager Workspace by selecting configuration test results and grouping them based on chosen criteria.
      • Users with the snvulc.remediationowner role can similarly create remediation tasks in the IT Remediation Workspace, offering flexibility in managing remediation workflows.
    • Wiz Integration Enhancements:
      • Import and identify Wiz Resource Types (assets) on the Wiz Integration Resource Type configuration page to control which resource types are imported across primary Wiz vulnerability and compliance integrations, excluding the Wiz Container Vulnerability Integration.
      • New Wiz Backfill Integrations automatically retrieve and process missing asset data from the Wiz Missing Assets table, ensuring comprehensive vulnerability coverage.
      • The Wiz Host Test Result Vulnerability Integration imports test results for virtual machine resources and is activated by default to enhance vulnerability insights.
    • Risk Score Visibility:
      • Starting with Configuration Compliance version 15.2.1, the system property controlling risk score change visibility in the work notes (snseccmn.riskscorechangesaddworknotes) is inactive by default. Enabling it allows users to see detailed risk score changes only when updates occur, maintaining focused and relevant audit trails.
    • Quick Start Tests:
      • Post-upgrade or deployment, quick start tests are available to verify that Configuration Compliance functions correctly. These tests can be customized to accommodate any Configuration Compliance customizations you have implemented.

    Activation and Availability

    Configuration Compliance is available for installation through the ServiceNow Store. Customers must request the application from the store to activate it in their instances. For comprehensive release notes and updates across versions, customers should refer to the ServiceNow Store version history.

    The ServiceNow® Configuration Compliance application enables you to prioritize and remediate the most critical configuration-related vulnerabilities in your environment quickly and efficiently. Configuration Compliance was enhanced and updated in the Yokohama release.

    Configuration Compliance highlights for the Yokohama release

    • With the sn_vulc.admin role, create remediation tasks manually in the Vulnerability Manager Workspace.
    • With the sn_vulc.remediation_owner role, create remediation tasks manually in the IT Remediation Workspace.

    See Configuration Compliance for more information.

    Important:
    Configuration Compliance is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    New in the Yokohama release

    Identify Wiz Resource Types for import

    Identify the Resource Types (assets) reported by Wiz in your environment on the Wiz Integration Resource Type configuration page in your ServiceNow AI Platform instance that you want to import.

    The Resource Types that you select apply to all the primary Wiz vulnerability and compliance integrations except the Wiz Container Vulnerability Integration.

    Wiz Backfill Integrations
    Retrieve and process data stored on the Wiz Missing Assets [sn_vul_wiz_missing_asset] table for missing assets that were not processed by the primary compliance integrations with specialized Wiz Backfill Integrations.
    • Test Results Backfill Integration
    • Host Test Results Backfill Integration
    • Issues Backfill Integration

    The Wiz Backfill Integrations are activated by default.

    Wiz Host Test Result Vulnerability Integration
    Import test results associated with the resource type, VIRTUAL MACHINE with the Wiz Host Test Result Vulnerability Integration. This integration is activated by default.
    Create remediation tasks manually in the Vulnerability Manager Workspace
    With the sn_vulc.admin role, you can create remediation tasks manually by selecting some or all the records in the Configuration Test Results lists in the Vulnerability Manager Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating remediation tasks.
    Create remediation tasks manually in the IT Remediation Workspace
    With the sn_vulc.remediation_owner role, you can create remediation tasks manually by selecting desired records in the Configuration Test Results lists in the IT Remediation Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating remediation tasks.
    View risk score details of a test result in the Work notes section
    Starting with v15.2.1 of Configuration Compliance, the system property sn_sec_cmn.risk_score_changes_add_worknotes is inactive by default. If you enable it, only then you can see all the changes related to the risk score of a test result in the Work notes section. Additionally, the work notes are updated only if there’s a change in the risk score.
    Quick Start Tests for Configuration Compliance

    After upgrades and deployments of new applications or integrations, run quick start tests to verify that Configuration Compliance works as expected. If you customized Configuration Compliance, copy the quick start tests and configure them for your customizations.

    Activation information

    Install Configuration Compliance by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.