Invicti Vulnerability Integration

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Invicti Vulnerability Integration

    The Invicti Vulnerability Integration enables ServiceNow customers to import application data from the Invicti product, aiding in the assessment of code flaws' impact and prioritization. It integrates seamlessly with the ServiceNow Application Vulnerability Response feature, allowing for the import of critical scanning data, specifically from Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST).

    Show full answer Show less

    Key Features

    • Data Import: Imports applications and vulnerability data from Invicti into ServiceNow.
    • Integration Sequence: Includes a series of chained integrations that run automatically on a schedule, ensuring synchronization with vulnerability management systems.
    • CI Lookup Rules: Allows configuration of lookup rules for accurate mapping of applications based on system property settings.
    • Detailed Reporting: Starting with version 1.1, provides insights on processing times and integration reports for better tracking of vulnerabilities.

    Key Outcomes

    By utilizing the Invicti Vulnerability Integration, customers can streamline the vulnerability remediation process, maintain current vulnerability data, and enhance overall application security management within their ServiceNow instance. The integration supports efficient tracking and handling of security flaws, ultimately aiding in risk management and compliance efforts.

    The Invicti Vulnerability Integration uses application data imported from the Invicti product to help you determine the impact and priority of flaws in your code.

    Invicti Vulnerability Integration

    The Invicti Vulnerability Integration collects scanner data and makes that data available to the ServiceNow AI Platform®. It easily integrates with the ServiceNow® Application Vulnerability Response feature of Vulnerability Response to map imported third-party application vulnerability information into your instance.

    The integration imports the following types of scanned data.
    • Dynamic Application Security Testing (DAST)
    • Interactive Application Security Testing (IAST)

    For more information about DAST and IAST, see Exploring Application Vulnerability Response.

    Available versions

    Release version Release notes

    Invicti Vulnerability Integration v1.1

    Invicti Vulnerability Integration 1.0

    		 Application Vulnerability Response release notes

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Integrations

    The following integrations are included in the base system. The integrations are chained so that after one integration successfully completes, the next integration is initiated. The integrations run in the order listed in the following table.

    After the initial run, every day, scheduled jobs are chained to run these integrations automatically in order. You can also execute individual scheduled jobs manually. Scheduled jobs simplify the vulnerability remediation life cycle by keeping the instance synchronized with other vulnerability management systems.

    Table 1. Invicti application vulnerability integrations
    Integration Description
    Invicti Application List Application Imports applications scanned by Invicti into the Discovered Applications [sn_vul_app_release] table or the Scanned Application [sn_vul_app_scanned_application] table based on how the sn_vul.use_product_model system property is set for the CI lookup rule records.
    • If the product model property is set to true, an application is inserted in the Discovered Application release table.
    • If the product model property is set to false, an application is inserted in the Scanned Application table.
    You can choose to activate lookup rules with configuration items (CIs) as the lookup targets by modifying the system property. If you modify it, you should also activate CI Lookup rules to match the lookup target. For more information, see:
    Invicti Scan List Integration This integration is initiated after the Application List Integration is successfully completed. This integration imports data about the date and time a scan was run.
    Invicti Application Vulnerable Item Integration This integration is initiated after the Scan List Integration is successfully completed.

    Starting with v1.1, view details such as total processing times, average times for pre- and post-integration run processes, and reports on the integration run records for the Application Vulnerable Item integration.

    Each vulnerability in Invicti has a type, for example,DirectoryListing. This type is mapped as a unique ID in your instance and displayed as part of the value in the Vulnerability field on the application vulnerable item (AVI) record: Invicti-DirectoryListing.

    For more information about mapping, see Invicti Vulnerability Integration state mapping.

    The upper limit for items per page for all three integrations is 200.