Preparing the Common Security Advisory Framework (CSAF) solution integration
Use the Setup Assistant to prepare for implementing a solution intelligence integration for all the vendors that support the Common Security Advisory Framework (CSAF) data format.
Before you begin
To integrate with the vendors that provide the solutions, ensure you perform the tasks in the following checklist. You can print the checklist and verify the items listed are completed before you install the application.
| Task | Description |
|---|---|
|
Verify that the following applications are installed from the ServiceNow Store:
|
|
|
Verify you have any third-party account credentials available. They are required to edit some solution integrations. |
|
|
Verify that you have authenticated the vendors for import of solutions using the APIs. For more information on how to authenticate vendors, see Configure Connection and Credential aliases for the Common Security Advisory Framework (CSAF). If you do not want to configure an API-based vendor, you can skip this step. |
|
|
If you want to configure an API-based vendor other than Red Hat, then you must customize the flow and flow action for extracting a unique key and CSAF URL from the response of an advisory. Remarque :
Publishing CSAF URL is not standard across vendors. To customize the flow for vendors other than Red Hat, see Configure a Common Security Advisory Framework vendor other than Red Hat. You can skip this step if they do not want to configure vendors other than Red Hat. By default, the flow for Red Hat has been shipped with the application. |
|
|
Verify that you have an admin group or user who can manage the integration. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles. |