Install Vulnerability Response third-party applications using Setup Assistant

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read

    • Install the third-party integration applications you have entitlement for in Vulnerability Response using the Setup Assistant.

    Before you begin

    Setup Assistant supports the installation of most third-party integration applications with Vulnerability Response, but you continue with the configuration for some applications you install from configuration modules in your instance. See Vulnerability Response integrations for a list of applications that are supported by Vulnerability Response.
    Note:
    This process applies only to applications that are downloaded to production instances. If you're downloading applications to non-production or development instances, it's not necessary to get entitlements. Proceed to Activate a ServiceNow Store application.
    • After it is installed, the Vulnerability Solution Management feature of Vulnerability Response provides you access to the Microsoft Security Response Center Solution Integration and the Red Hat Solution Integration in Setup Assistant.
    • Vulnerability Solution Management is available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.
    Before you can install and activate third-party applications from Setup Assistant, perform the following tasks to ensure a smooth installation:
    Setup Tasks Description
    Verify that you have valid ServiceNow entitlements for the integration applications that you want to install.

    Navigate to Subscription Management > Subscriptions in your instance to verify entitlements. The list displays the subscriptions your organization has purchased.

    For more information about getting entitlements for a Security Operations application from the ServiceNow Store, see Get entitlement for a Security Operations product or application.
    (Optional) If not already installed and activated, you may prefer to install the Vulnerability Response application prior to installing the third-party application.

    For more information about installing and activating the Vulnerability Response application, see, Install and configure Vulnerability Response.
    If not already installed and activated, you must activate and import vulnerability data with the NVD Integration and CWE scheduled job prior to running a third-party scanner application to import data. Run the NVD and CWE integrations as part of your initial setup of Vulnerability Response and prior to importing vulnerability data into your instance with a third-party scanner product. See Understanding the NVD integrations for more information.
    Verify you have completed any setup tasks required for the third-party integrations for Vulnerability Response. Review any required setup tasks for each integration that you want to install at Vulnerability Response integrations.
    Role required: admin

    Procedure

    1. Navigate to All > Vulnerability Response > Administration > Setup Assistant > System Administration > Integration Application Installation.

      After a few moments, the applications you have entitlement for and that are available for installation on your instance are displayed.

      Available Vulnerability Response third-party applications. Qualys Integration for Security Operations, Rapid7 Integration for Security Operations, and Shodan Exploit Integration for Security Operations.
    2. Locate the application want to install and click Install on the application tile.
      The All Applications dialog is displayed with the name of the application tile you clicked, for example, Rapid7 Integration for Security Operations, as shown in the following figure.
      All Applications dialog.
    3. Locate the application, select a version from the choice list, and click Install.

      If an update is available for the application, the Update button is displayed.

      Application listing with the Install button active.
      The Application installation dialog displays the application dependency status. Any required dependencies not already installed are automatically installed along with the application.
    4. In the Application installation dialog, click Install.
      Install and dependency status dialog.
      The Install dialog indicates when the installation is successfully completed.
    5. Close the dialog.
      The All Applications page is displayed that shows your application is successfully installed.
      After installation and activation, you can configure, schedule, and launch the following applications and installed solutions directly from the Integration Configuration section of Setup Assistant:
      • The Qualys Vulnerability Integration
      • The Vulnerability Response Integration with Tenable.
      • The Microsoft Security Response Center Solution Integration
      • The Red Hat Solution Integration
      • Microsoft Security Response Center Solution Integration
      • The Microsoft Defender Vulnerability Management Integration

      For other applications not listed above, navigate directly to the configuration module of the application to continue with the configuration and to enter any required third-party credentials. For example, the following image shows the location of the Configuration and module for the Rapid7 application.

      For more information about configuring specific applications, see the installation and configuration product documentation by product name provided for each application.

      Rapid7 configuration module.

    What to do next

    Continue with the configuration of your application in Setup Assistant if your application is supported.

    If your application is not supported for configuration in Setup Assistant, navigate directly to the configuration module of the application to continue with the configuration. To view supported applications in Setup Assistant, see, Installation of Vulnerability Response and supported applications.