Yokohama |
- Enhancements to Application Vulnerability Response
- The Unassign workflow is supported for application vulnerable items (AVITs) and remediation tasks (AVULs).
- Streamline application vulnerability assignments with the Unassign UI action from the more actions menu on an AVIT.
- Reassign incorrectly assigned AVITs, clarify ownership for reassessment, and maintain accurate triage records in workspace views.
- You have the option to send unassign requests for approval prior to clearing the Assigned to and Assignment group fields on records.
- SBOM document upload via Github Action
- Upload valid Software Bill of Material (SBOM) documents to ServiceNow platform with the help of GitHub Action.
- Create application remediation tasks manually in the Vulnerability Manager Workspace
- With the sn_vul.app_sec_manager role, you can create application remediation tasks manually by selecting some or all the records in the Application vulnerable items’ lists in the Vulnerability Manager Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating application remediation tasks.
- Create application remediation tasks manually in the IT Remediation Workspace
- With the sn_vul.app_security_champion role, you can create application remediation tasks manually by selecting desired records in the Application vulnerable items’ lists in the IT Remediation Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating application remediation tasks.
- Manual Ingestion of vulnerabilities for application vulnerability response
- Import AVITs from external sources via a standardised template (e.g., CSV, Excel) and manage Penetration test findings lifecycle. Now, you can ingest vulnerability data, including details such as affected application,
vulnerability description, severity, remediation recommendations, including other necessary details. This enhancement allows you to simplifies the process of consolidating vulnerability data from diverse sources into a
centralised Penetration test workspace.
- Penetration Test Workspace
-
Monitor your penetration test requests and findings as well as your team's overall progress in the Penetration Test Workspace. Prioritize tests that need your attention, track findings, and view assignments with the
following data visualizations on the dashboard:
- Important items.
- Penetration test requests that are critical and by state.
- Reported findings.
- Overall remediation progress based on assignment.
- Enhancements to Penetration Test Assessment Requests
- Along with Full Penetration, Focused, and Re-test, the following assessment types are included for Penetration Test Assessment Requests forms in the Penetration Test Workspace:
- Emergency Release - Supports emergency releases that are required for rapid software updates to address critical issues like security vulnerabilities.
- Bug Bounty Program - Rewards ethical hackers to find and report security vulnerabilities.
- Release Approvals - Ensure that all necessary checks are completed before deploying new software.
- One-off reviews - Assess specific projects outside regular development and release cycles to evaluate performance and implement improvements.
- Executive Interest - Report on senior management's engagement and support for critical projects within the organization.
Enhancements to the Release Approval and Release Notes fields help you ensure quality and security for your pen test findings. The following states have been added to the Release approval field:
- Not Applicable (Default).
- Approved.
- Denied.
You can add details to justify your release approvals in the Release notes field.
- Associate CWEs for manual AVIT creation from Penetration Test Assessment Requests
- On the Penetration test findings tab on Penetration Test Assessment Requests, you have the option to associate Common Weakness Enumerations (CWE)s or Common Vulnerabilities and Exposures (CVE)s in the
Vulnerability field for manually created AVITs.
- Create change requests in Application Vulnerability Response
- Users with the sn_vul.app_sec_manager and sn_vul.app_sec_champion roles as well as users with the sn_vul.app_developer role who have the ITIL role can create change requests from remediation tasks in the Application Vulnerability Response application. Create change requests to expedite your investigation for application vulnerabilities (AVIT)s that require manual intervention.
- Create change requests with prepopulated information for scanned applications that are classified as configuration items (CI)s.
- The change request workflow in Application Vulnerability Response is similar to the workflow supported in Vulnerability Response. For more information about the Vulnerability Response change request workflow, see Change management for Vulnerability Response.
Note: Change requests are supported for Application Vulnerability Response only if the discovered application is associated with a configuration item (CI). You must set Product model to False in the Use
Product Model [sn_vul.use_product_model] system property to associate a discovered application with a CI.
- Enhancements to the Software Bill of Materials Workspace
-
- You can delete multiple BOM entity records and their related components with bulk edit from the Software Bill of Materials
SBOM SBOM Workspace.
- Any Application Vulnerable Items (AVIT)s that are associated with deleted BOM entities automatically transition to Closed.
- View risk score details of a vulnerable items in the Work notes section
- Starting with v25.0.3 of Application Vulnerability Response, the system property sn_sec_cmn.risk_score_changes_add_worknotes is inactive by default. If you enable it, only then you can see all the changes related to the
risk score of an application vulnerable item in the Work notes section. Additionally, the work notes are updated only if there’s a change in the risk score.
|
Zurich |
- Enhanced Compensatory controls
- When new vulnerable items are ingested and associated with a remediation task that already has an approved compensating control, the reduced risk rating is now automatically inherited by those new vulnerable items.
- Improved vulnerability assessment workflows
-
- CI filtering for vulnerability assessments: You can now filter which configuration items are included in a vulnerability assessment using a condition builder.
- Business Application population on AVITs: AVITs created from SBOM assessment results now include Business Application information, helping you understand application impact and prioritize remediation.
- Priority roll‑down from vulnerability assessments: Updates to the priority of a vulnerability assessment now automatically roll down to associated VITs and AVITs, ensuring consistent prioritization based on the highest
severity.
- Remediation task rule execution mode
- You can now choose how remediation task rules are evaluated during ingestion. The new Match First execution mode evaluates rules sequentially and applies only the first matching rule, assigning each finding to exactly one
remediation task. The default Match All mode continues to evaluate all applicable rules.
- GitHub Application Vulnerability Integration – Generic secrets support
- The GitHub Secret Scanning Integration now imports generic secrets in addition to standard secrets from your GitHub repositories. A new Manage generic secrets in ServiceNow configuration option lets you control whether
generic secrets are ingested. Imported secrets are mapped to Application Vulnerable Items (AVIs) with the scan type Secret, while generic secrets are mapped with the scan type Generic Secret.
- Enhancements to Application Vulnerability Response
- The Unassign workflow is supported for application vulnerable items (AVITs) and remediation tasks (AVULs).
- Streamline application vulnerability assignments with the Unassign UI action from the more actions menu on an AVIT.
- Reassign incorrectly assigned AVITs, clarify ownership for reassessment, and maintain accurate triage records in workspace views.
- You have the option to send unassign requests for approval prior to clearing the Assigned to and Assignment group fields on records.
- SBOM document upload via Github Action
- Upload valid Software Bill of Material (SBOM) documents to ServiceNow platform with the help of GitHub Action.
- Create application remediation tasks manually in the Vulnerability Manager Workspace
- With the sn_vul.app_sec_manager role, you can create application remediation tasks manually by selecting some or all the records in the Application vulnerable items’ lists in the Vulnerability Manager Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating application remediation tasks.
- Create application remediation tasks manually in the IT Remediation Workspace
- With the sn_vul.app_security_champion role, you can create application remediation tasks manually by selecting desired records in the Application vulnerable items’ lists in the IT Remediation Workspace. These records are grouped into one or more remediation tasks according to the grouping criteria selected while creating application remediation tasks.
- Tenable Web Application Scanning Vulnerability Response Integration
- The Tenable.was integration now supports on‑demand execution of both application and vulnerability imports, allowing you to quickly ingest web applications, findings, and scan metadata into ServiceNow. Imported data
automatically populates Discovered Applications, Vulnerability Entries, Scan Summaries, and AVITs, with full visibility through integration run tracking.
- Manual Ingestion of Vulnerabilities for Application Vulnerability Integration
- Import AVITs from external sources via a standardised template (e.g., CSV, Excel) and manage Penetration test findings lifecycle. Now, you can ingest vulnerability data, including details such as affected application,
vulnerability description, severity, remediation recommendations, including other necessary details. This enhancement allows you to simplifies the process of consolidating vulnerability data from diverse sources into a
centralised Penetration test workspace.
- Penetration Test Workspace
-
Monitor your penetration test requests and findings as well as your team's overall progress in the Penetration Test Workspace. Prioritize tests that need your attention, track findings, and view assignments with the
following data visualizations on the dashboard:
- Important items.
- Penetration test requests that are critical and by state.
- Reported findings.
- Overall remediation progress based on assignment.
- Enhancements to Penetration Test Assessment Requests
- Along with Full Penetration, Focused, and Re-test, the following assessment types are included for Penetration Test Assessment Requests forms in the Penetration Test Workspace:
- Emergency Release - Supports emergency releases that are required for rapid software updates to address critical issues like security vulnerabilities.
- Bug Bounty Program - Rewards ethical hackers to find and report security vulnerabilities.
- Release Approvals - Ensure that all necessary checks are completed before deploying new software.
- One-off reviews - Assess specific projects outside regular development and release cycles to evaluate performance and implement improvements.
- Executive Interest - Report on senior management's engagement and support for critical projects within the organization.
Enhancements to the Release Approval and Release Notes fields help you ensure quality and security for your pen test findings. The following states have been added to the Release approval field:
- Not Applicable (Default).
- Approved.
- Denied.
You can add details to justify your release approvals in the Release notes field.
- Associate CWEs for manual AVIT creation from Penetration Test Assessment Requests
- On the Penetration test findings tab on Penetration Test Assessment Requests, you have the option to associate Common Weakness Enumerations (CWE)s or Common Vulnerabilities and Exposures (CVE)s in the
Vulnerability field for manually created AVITs.
- Create change requests in Application Vulnerability Response
- Users with the sn_vul.app_sec_manager and sn_vul.app_sec_champion roles as well as users with the sn_vul.app_developer role who have the ITIL role can create change requests from remediation tasks in the Application Vulnerability Response application. Create change requests to expedite your investigation for application vulnerabilities (AVIT)s that require manual intervention.
- Create change requests with prepopulated information for scanned applications that are classified as configuration items (CI)s.
- The change request workflow in Application Vulnerability Response is similar to the workflow supported in Vulnerability Response. For more information about the Vulnerability Response change request workflow, see Change management for Vulnerability Response.
Note: Change requests are supported for Application Vulnerability Response only if the discovered application is associated with a configuration item (CI). You must set Product model to False in the Use
Product Model [sn_vul.use_product_model] system property to associate a discovered application with a CI.
- Enhancements to the Software Bill of Materials Workspace
-
- You can delete multiple BOM entity records and their related components with bulk edit from the Software Bill of Materials
SBOM SBOM Workspace.
- Any Application Vulnerable Items (AVIT)s that are associated with deleted BOM entities automatically transition to Closed.
- View risk score details of a vulnerable items in the Work notes section
- Starting with v25.0.3 of Application Vulnerability Response, the system property sn_sec_cmn.risk_score_changes_add_worknotes is inactive by default. If you enable it, only then you can see all the changes related to the
risk score of an application vulnerable item in the Work notes section. Additionally, the work notes are updated only if there’s a change in the risk score.
|
Australia |
- Wiz Vulnerability Response Integration
- Import application, Software Composition Analysis (SCA), findings, Secrets (passwords, tokens and keys) data with the following Wiz Vulnerability integrations:
- Application List Integration
- SCA Findings Integration
- Secret Findings Integration
You can configure these integrations on the Wiz Vulnerability Integration configuration page along with the other Wiz Vulnerability integrations. View imported application list data such as Product Model and Source application ID from Wiz on the Discovered Applications [sn_vul_app_release] table records, and SCA and Secrets data on the Application Vulnerable Items [sn_vul_app_vulnerable_item] table records.
- GitHub Application Vulnerability Integration – Generic secrets support
- The GitHub Secret Scanning Integration supports imports of generic secrets in addition to standard secrets from your GitHub repositories. An enhanced Manage generic secrets in ServiceNow configuration option lets you control whether generic secrets are ingested. Imported secrets are mapped to Application Vulnerable Items (AVITs) with the scan type, Secret, while generic
secrets are mapped with the scan type, Generic Secret.
- Improved vulnerability assessment workflows
-
- CI filtering for vulnerability assessments: You can now filter which configuration items are included in a vulnerability assessment using a condition builder.
- Business Application population on AVITs: AVITs created from SBOM assessment results now include Business Application information, helping you understand application impact and prioritize remediation.
- Priority roll‑down from vulnerability assessments: Updates to the priority of a vulnerability assessment now automatically roll down to associated VITs and AVITs, ensuring consistent prioritization based on the highest
severity.
- Enhanced Compensatory controls
- When new vulnerable items are ingested and associated with a remediation task that already has an approved compensating control, the reduced risk rating is now automatically inherited by those new vulnerable items.
|