Create or edit Vulnerability Response assignment rules

リリースバージョン: Australia

更新日 2026年03月12日

所要時間：7分

After you complete your initial assessment of assignment rules using Setup Assistant, you can create rules to automatically assign vulnerable items based on filter conditions. These rules assign vulnerable items as they are imported or manually created.

始める前に

Role required: sn_vul.vulnerability_admin or sn_vul.admin (deprecated)

Starting with v30.0 of Vulnerability Response, the Administration console in the Security Exposure Management Workspace enables one-stop configuration for all Unified Security Exposure Management applications, including assignment rules, classification rules, and remediation targets. It provides consistent workflows across Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance applications. For more information, see Configure rules to manage findings.

Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

このタスクについて

The base system ships with one vulnerability assignment rule, Assign to CI support group, which assigns vulnerable items to the same assignment group as the CI support group. This rule can be modified using filter conditions or you can create a new rule. With assignment rules, you define the condition(s) of assignment and the order of execution. Once a VI matches a rule condition, the assignment lookup stops.

手順

Navigate to All > Vulnerability Response > Administration > Assignment Rules.
Open the Assign to CI support group rule or click New.

If New, fill in the fields on the form, as appropriate.

表 : 1. Vulnerability Assignment Rule
Field	Description
Name	Name of the group rule.
Active	Indicates whether the assignment rule is active.
Execution order	Order in which the rules are evaluated. High priority rules, items that need special handling, where risk is critical, or a VI should be handled by regulatory compliance, to be run first. Next, run your general rules, where no special handling is required, and you know who should be responsible for them. Finally, create a default rule to assign VIs to the group that will figure out what assignment group it should belong to. This group could add another rule to cover their decisions. This default rule would run last.
Description	Description of the assignment rule.
Condition
Preview	Shows how many results this query will return.
Condition fields	Conditions that must be met. 注: To make Rapid7 InsightVM asset tags available for use in the Condition filter for Assignment Rules, you must run the Rapid7 InsightVM Asset List integration before the other Rapid7 InsightVM integrations. Case sensitivity for the search text you enter in the condition builder is not supported on this record or form.
New Criteria	Adds more condition filter fields to choose from.
Assign using	To automate the assignment of groups created based on this rule, choose one of the options available. User group: Select a user group from the lookup table. User group field: Select a user group field from the drop-down menu. Script: Create or edit a script. 注: Creating or edit a script requires ServiceNow expertise.

Click Submit.
New or updated rules are evaluated on the next import.
注:
The reapply feature requires a baseline application of the rules. Once your rules are created, if you haven't already done so, activate the Reapply all vulnerability assignment rules scheduled job to execute, at your convenience. It applies all the rules to all Open VIs except those manually assigned. Depending on how many active VIs you have in your environment, remember to set the Run field appropriately following the initial run to prevent performance impacts.

If you haven't run this scheduled job, when you try to use the Apply Changes button on the Assignment Rules form, you will have to do it then. Reapplying assignment rules does not regroup the vulnerable items.