In Vulnerability Response, the scheduled job Set related CI services establishes connections between the affected business services and the configuration items (CIs) associated with the vulnerable items (VITs). The linking process takes place once the integration import is finished and at a designated time. To enhance the performance of this scheduled job, several changes have been implemented beginning with v21.1.2 of Vulnerability Response. They are:

• Risk score calculation: The process of calculating risk scores involves the utilization of the Set related CI services scheduled job. Once the CI is processed, this job stores the necessary data in the Related Services [sn_vul_m2m_ci_services] table. Previously, in Configuration Compliance, risk calculation involved directly accessing the Configuration Management Database (CMDB) Application Programming Interface (API) CIUtils to retrieve services for each test result during import. However, the current process relies on the output of the scheduled job from the Related Services [sn_vul_m2m_ci_services] table to calculate the risk score in Configuration Compliance. Additionally, the base system calculator has been modified to utilize the Related Services [sn_vul_m2m_ci_services] table.
• Size of services: The service value in the system property sn_sec_cmn.services_affected_by_CI_max_size, which is related to the Set related CI services scheduled job is decreased from 1000 to 500.
• Depth of services: The depth in the system property sn_sec_cmn.services_affected_by_CI_max_depth, which is related to the Set related CI services scheduled job is reduced from 10 to 5. The service value is also decreased from 1000 to 500.
• Exclusion of CMDB classes: A system property sn_sec_cmn.ignoreCIClassForService has been introduced to enable configuration of CMDB classes for which service calculation should be skipped. In the base system, this property is set for cmdb_ci_unclassed_hardware, cmdb_ci_incomplete_ip, sn_sec_cmn_unmatched_ci as these classes are created by Vulnerability Response and may not have any service mapping. Previously, service calculation was based on the VIT. However, the logic has been modified to use the discovered item instead. The discovered item is used to calculate the service, which is then associated with the CI in the same table.
• Scheduled job for full refresh of services: An on-demand scheduled job Full refresh-related CI services for VI, has been introduced to perform a complete refresh of services. When you upgrade to v21.0 of Vulnerability Response, the Set related CI services job runs for a longer duration at first as the base table uses discovered items instead of vulnerable items. As a result, the job must process all the discovered items that have been scanned within the last 90 days. Additionally, if you require more frequent service refreshes, it can be accommodated by scheduling weekly periodic refreshes or performing a full refresh. If you have performed activities, which resulted in changes to the services associated with your CIs, and you want Vulnerability Response to reflect these changes, you can run the on-demand scheduled job Full refresh related CI services for VI. This job takes all the discovered items recorded in the last 90 days and refreshes the associated services accordingly.