Security Posture Control release notes

  • Release version: Washingtondc
  • Updated April 30, 2024
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Security Posture Control Release Notes

    The ServiceNow® Security Posture Control application offers cybersecurity teams enhanced visibility into security tool coverage gaps and configuration deviations for enterprise assets. The Washington DC release introduces significant improvements to this application, allowing users to audit, monitor, and manage asset security effectively.

    Show full answer Show less

    Key Features

    • Policy Management: Users can create and edit policies to monitor assets for security compliance and vulnerabilities, with version tracking and state transitions for test results.
    • Advanced Querying: Enhanced querying capabilities allow for searching assets based on specific conditions, including software discrepancies and CMDB metadata.
    • Custom Insights: Users can generate dashboards to monitor critical metrics related to asset security and compliance.
    • Service Graph Connectors: The application supports 31 connectors for various security and IT tools, enabling comprehensive asset data consolidation.
    • Automated Remediation: Findings from Security Posture Control can be published into Configuration Compliance, facilitating streamlined remediation workflows.

    Key Outcomes

    With the Washington DC release of Security Posture Control, ServiceNow customers can expect improved asset monitoring and compliance, customizable policy creation, and enhanced reporting capabilities. These features enable organizations to effectively manage security risks, prioritize vulnerabilities, and automate remediation processes, thereby strengthening their overall security posture.

    The ServiceNow® Security Posture Control application provides cybersecurity teams with visibility into security tool coverage gaps and deviations from security tool configuration for their enterprise assets. Security Posture Control is a new application that was enhanced for the Washington DC release.

    Security Posture Control highlights for the Washington DC release

    • Use the policies included with the application or create your own policies to audit and monitor assets for security tool coverage, compliance with internal configuration standards for security tools, critical combinations involving vulnerabilities, and possible internet exposure.
    • Search for assets in your CMDB based on queries for specific service graph connector and ServiceNow products or for assets that have specific data. You can save your search criteria as a policy.
    • Create custom insights on a dashboard and monitor important metrics for your asset security posture.
    • Identify priority vulnerabilities and drive resolution through insights from Security Posture Control in Vulnerability Response risk calculators and remediation target rules.
    • Automate remediation workflows for security gaps by publishing findings from Security Posture Control policies into Configuration Compliance.

    See Security Posture Control for more information.

    Important:
    Security Posture Control is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    Security Posture Control features

    Enhancements to version 3.0

    Policy enhancements:

    • Edit activated policies, save changes, publish changes, and exit edit mode with UI actions in policies. Versions are tracked and version numbers are displayed on the policy records and their related test results.
    • Close existing related test results (findings) if you publish a new version of a policy or delete a policy. If you choose to close test results, test result and remediation task states transition in accordance with the state transition processes of the Configuration Compliance application. See Test result and remediation task state transitions in the Security Posture Control application for more information.
    • Query the Security Posture Control product with Software as an Entity type. Look for any discrepancies that exist between the installed software reported by your vulnerability scanner products and the software reported by scanners and already accounted for in Software Asset Management (SAM) and other ServiceNow® products.

    Policy condition builder enhancements:

    • Select the OR condition to search for and monitor diverse types of assets from a single policy.
    • Select Reported only by as a Connection and choose specific Sources (third-party service graph connectors and ServiceNow products) to report on your assets. Monitor only those assets that are reported by the specific ServiceNow® products and third-party sources you select.

    Select CMDB metadata as a Connection in the condition builder and search for the following assets:

    • Devices with host names that have specific patterns with matches regex operator for the host name Property. For example, if you enter lp manually, you can look for all laptops with 'lp' as the second and third characters in the host name.
    • Assets that have been discovered for the first time with the First seen timestamp Property.
    • Devices based on specific models and model information with the Model name, Has model info, and Model data conditions. This data can help you with security control coverage.
    • Assets that were Last seen Within the last n days. Enter the number of days up to 30. For example, enter 3 to monitor assets by 'last logon' from Active Directory in the last three days.
    Policies (prior to version 3.0)
    Monitor your assets and cloud assets (AWS only) for missing endpoint protection agents, unmanaged devices, devices not scanned for vulnerabilities, and critical combinations with vulnerabilities with provided policies.
    • Define custom policies based on asset metadata, security tool configuration data, and vulnerabilities to monitor asset compliance with your internal security standards.
    • Chain policies together so you can monitor assets in hierarchical categories.
    • Filter assets by using custom fields in your CMDB CI classes in policies.
    • Exclude assets from your audits and monitoring that match other policies or assets with approved exceptions in Integrated Risk Management (IRM).
    Service Graph Connectors
    The application supports 31 Service Graph Connectors for various security and IT tools in the enterprise to import and consolidate asset data to provide you insights on your security posture.
    Key insights and custom insights
    Monitor critical metrics about your asset security posture and security tool coverage by creating custom insights.

    UI changes

    Security Posture Control Workspace
    Automate the remediation workflow for identified security gaps by publishing findings from Security Posture Control policies into Configuration Compliance and viewing them in the Security Posture Control workspace.

    Important upgrade information for Security Posture Control

    For a complete list of the applications that are required to implement Security Posture Control, see Install the supported applications for Security Posture Control.

    Activation information

    Install the Security Posture Control Core, Asset Security Posture Management (ASPM), and the Configuration Compliance applications for Security Posture Control by requesting them from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.