Configure a severity map in the Security Exposure Management Workspace

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Security Exposure Management Workspace severity mapping transforms third-party source severity fields to recognizable fields in Unified Security Exposure Management.

    Before you begin

    Role required: See Access control lists (ACLs) for administration rules

    About this task

    Security Exposure Management Workspace ships with National Vulnerability Database (NVD) to normalized ServiceNow severity mapping. ServiceNow third-party integrations such as the Qualys Vulnerability Integration provide severity mappings on installation. These maps can be adjusted by changing the fields in existing maps.

    Creating or editing a severity map is intended only for customized or non-standard third-party mappings in your environment.

    Procedure

    1. Navigate to Workspaces > Security Exposure Management Workspace.
    2. Select Administration in the navigation pane.
    3. Under Others, select Review on the Normalized severity maps tile.
    4. Select New.
    5. Fill in the fields on the form, as appropriate.
      Table 1. Field mapping
      Field Description
      Source The name of the source for the severity mapping.
      Target value The target severity value. Choices are:
      • 1- Critical
      • 2 - High
      • 3 - Medium
      • 4 - Low
      • 5 - None
      Source value The source severity value.
      Integration type Integration type choices are:
      • Vulnerability Response
      • Application Vulnerability Response
      • National Vulnerability Response
      • Container Vulnerability Response
    6. Repeat Step 5 for each source severity level.
    7. Select Save.
    8. To edit the severity mapping for an integration, select the integration and update the values in the Source Value and Target Value fields.