Vulnerability Response integrations release notes

  • Release version: Washington DC
  • Updated April 26, 2024

    Third-party integrations with the ServiceNow® Vulnerability Response application help enrich your vulnerability data. The ServiceNow applications and third-party integrations that are compatible with the Vulnerability Response application were enhanced and updated in the Washington DC release.

    Vulnerability Response integrations highlights for the Washington DC release

    • Use the Vulnerability Response integration with the CISA Known Exploited Vulnerabilities (KEVs) catalog to ingest crucial information about vulnerabilities that are actively exploited, so that you can prioritize and address vulnerabilities efficiently and enhance your overall vulnerability management strategy. This integration also incorporates EPSS data from FIRST.org focusing on software vulnerabilities currently under exploitation.
    • Ingest the newly introduced field, Known To Be Used in Ransomware Campaigns, into Vulnerability Response from the Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEVs) catalog.

    See Vulnerability Response integrations for more information.

    Important:
    Supported integrations with Vulnerability Response are available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    Important information for upgrading Vulnerability Response to Washington DC

    New in the Washington DC release

    Black Duck Vulnerability Integration 1.0
    Identify and mitigate open-source code vulnerabilities that are detected by the Black Duck Software Composition Analysis (SCA) tool and ingested into Application Vulnerability Response, to reduce risk.
    GitHub Application Vulnerability Integration v1.1
    Import application information from your GitHub repositories with the GitHub Repos Integration. Imported data is stored in the Discovered Applications [sn_vul_app_release] table. The GitHub CodeScan and Dependabot integrations require current application data that is imported by the GitHub Repos Integration.

    Enhancements to the (OAuth) authentication credentials on the GitHub Configuration page.

    Enhancements to the Veracode Vulnerability Integration v4.2
    Select Get More Details on Veracode application vulnerable items (AVITs) on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table or from the list views in the Vulnerability Response Workspaces to view the following data imported from Veracode:
    • HTTP Source request and Source response details for Dynamic Application Security Testing (DAST) scans are displayed on the HTTP Request/Response related list.
    • Solution recommendations from Veracode are displayed on the Findings related list.
    • HTTP Source request, Source response, and recommendations are displayed on the Details tab in the Vulnerability Response workspaces.
    • The Description column is supported on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table.
    Enhancements to Application Vulnerability Response AVIT Vulnerability Integrations
    View details such as total processing times, average times for pre- and post-integration run processes, and reports on the integration run records for the Fortify (v2.3), Invicti (v1.1), and Veracode (v4.2) Application Vulnerable Item (AVIT) Integrations.
    Leverage Exploit Prediction Scoring System (EPSS) score for vulnerability prioritization
    Enrich the NVD data in your instance to prioritize and remediate vulnerabilities by using the Exploit Prediction Scoring System (EPSS) integration to import the EPSS data that is related to common vulnerabilities and exposures (CVEs) from FIRST.org.
    Ingest Known To Be Used in Ransomware Campaigns
    Beginning with v21.0.5 of Vulnerability Response, a new field, Known To Be Used in Ransomware Campaigns, is ingested from the Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEVs) catalog.
    Generate solutions by Rapid7 InsightVM using solution_id

    Beginning with v21.0.5 of Vulnerability Response, there’s an update in the solution creation process for Rapid7 InsightVM. Previously, solutions were generated based on the information provided in the solution_summary, solution_fix, and solution_type fields. However, with this update, Rapid7 InsightVM utilizes the solution_id sent by the scanner to create solutions even if the solution_summary, solution_fix, or solution_type fields are empty.
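
    The KEV and EPSS enrichment described in the entries above, joined into one remediation queue, as an added example that is not ServiceNow code. The field names (cveID, dueDate, knownRansomwareCampaignUse; cve, epss) follow the public CISA and FIRST.org feed formats; the sample data, the placeholder CVE IDs, and the three-tier ordering policy are assumptions.

```python
import csv
import io
import json

# Constructed sample in the shape of the CISA KEV JSON feed (placeholder CVE IDs).
KEV_JSON = """{"vulnerabilities": [
 {"cveID": "CVE-2099-0001", "dueDate": "2099-05-01", "knownRansomwareCampaignUse": "Known"},
 {"cveID": "CVE-2099-0002", "dueDate": "2099-05-10", "knownRansomwareCampaignUse": "Unknown"}
]}"""

# Constructed sample in the shape of the FIRST.org EPSS daily CSV.
EPSS_CSV = """#model_version:v0000.00.00,score_date:2099-04-26T00:00:00+0000
cve,epss,percentile
CVE-2099-0001,0.04210,0.91500
CVE-2099-0003,0.97100,0.99900
CVE-2099-0004,0.00090,0.38000
"""

def load_kev(text):
    """Map CVE ID -> KEV catalog entry."""
    return {v["cveID"]: v for v in json.loads(text)["vulnerabilities"]}

def load_epss(text):
    """Map CVE ID -> EPSS probability, skipping the leading '#' metadata line."""
    rows = csv.DictReader(l for l in io.StringIO(text) if not l.startswith("#"))
    return {r["cve"]: float(r["epss"]) for r in rows}

def prioritize(open_cves, kev, epss):
    """Assumed policy: KEV with ransomware use, then other KEV, then by EPSS."""
    ranked = []
    for cve in open_cves:
        entry = kev.get(cve)
        ransomware = entry is not None and entry.get("knownRansomwareCampaignUse") == "Known"
        tier = 0 if ransomware else (1 if entry is not None else 2)
        ranked.append({"cve": cve, "tier": tier, "kev": entry is not None,
                       "ransomware": ransomware, "epss": epss.get(cve),
                       "due": entry["dueDate"] if entry else None})
    # A CVE with no EPSS score sorts last within its tier, after every scored one.
    ranked.sort(key=lambda r: (r["tier"], r["epss"] is None, -(r["epss"] or 0.0)))
    return ranked

if __name__ == "__main__":
    kev, epss = load_kev(KEV_JSON), load_epss(EPSS_CSV)
    for r in prioritize(["CVE-2099-0004", "CVE-2099-0003", "CVE-2099-0001"], kev, epss):
        print(r)
```

    Under this policy a KEV entry flagged for ransomware use outranks a non-KEV finding even when the latter has a much higher EPSS score.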

    Activation information

    Install supported third-party integration applications for Vulnerability Response by requesting them from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.