Vulnerability Response Integration with Black Duck

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 3분

    • The Vulnerability Response integration with Vulnerability Response Integration with Black Duck uses the data that is imported from the Black Duck Software Composition Analysis (SCA) tool to help you determine the impact and priority of the flaws in your code.

    Integration overview

    With the Vulnerability Response Integration with Black Duck, you can collect SCA and make that data available to the ServiceNow AI Platform. Starting with v22.0.5 of Vulnerability Response, you can import the SCA vulnerabilities data to your instance so that you can identify the vulnerabilities in your software applications. For more information, see Exploring Software Bill of Materials.

    A shared API ingests the SCA data.

    주:
    Each integration record has a configured run-as user. The default value for this user is VR System. Don’t change this value.

    Every day, scheduled jobs invoke the integrations automatically in the order that they’re listed. You can also execute individual scheduled jobs manually. Scheduled jobs simplify the vulnerability remediation life cycle by keeping the instance synchronized with other vulnerability management systems.

    Available versions

    표 1. Black Duck Integration available versions
    Release version Release notes

    Vulnerability Response Integration with Black Duck 1.0.5

    User group and roles

    The Vulnerability Response Integration with Black Duck is installed by a user with the admin role and is configured by a member of the App-Sec Manager group. For more information, see the Application Vulnerability Response user groups and roles.

    For integration run statuses, see View the Vulnerability Response Integration with Black Duck import run status

    To view data in the third-party vulnerabilities, see View vulnerability libraries.