Consolidated page of all release notes for Security Posture Control from Washington DC to Xanadu.
How to use this page
To help you prepare for your upgrade, we have combined the cross-family Security Posture Control release notes onto one page. Read this summary of the new features, changes, and updated information for your product from Washington DC to Xanadu.
Tip: If there were no updates for a release notes section in a certain family release, we included a short note for your reference. For example, if a product did not have any updates in Tokyo, the row says "No updates for this release."
Important information for upgrading Security Posture Control to Xanadu
Before you upgrade to Xanadu, review these pre- and post-upgrade tasks and complete the tasks as needed.
New features
Between your current release family and Xanadu, new features were introduced for Security Posture Control.
| Release |
Release notes |
Washington DC |
- Enhancements to version 3.0
-
Policy enhancements:
- Edit activated policies, save changes, publish changes, and exit edit mode with UI actions in policies. Versions are tracked and version numbers are displayed on the policy records and their related test results.
- Close existing related test results (findings) if you publish a new version of a policy or delete a policy. If you choose to close test results, test result and remediation task states transition in accordance with the
state transition processes of the Configuration Compliance application. See Test result and remediation task state transitions in the Security Posture Control application for more information.
- Query the Security Posture Control product with Software as an Entity type. Look for any discrepancies that exist between the installed software reported by your vulnerability scanner products
and the software reported by scanners and already accounted for in Software Asset Management (SAM) and other ServiceNow® products.
Policy condition builder enhancements:
- Select the OR condition to search for and monitor diverse types of assets from a single policy.
- Select Reported only by as a Connection and choose specific Sources (third-party service graph connectors and ServiceNow products) to report on your assets. Monitor only those assets that are reported by the specific ServiceNow® products and third-party sources you select.
Select CMDB metadata as a Connection in the condition builder and search for the following assets:
- Devices with host names that have specific patterns with matches regex operator for the host name Property. For example, if you enter lp manually, you can look for all
laptops with 'lp' as the second and third characters in the host name.
- Assets that have been discovered for the first time with the First seen timestamp Property.
- Devices based on specific models and model information with the Model name, Has model info, and Model data conditions. This data can help you with
security control coverage.
- Assets that were Last seen
Within the last n days. Enter the number of days up to 30. For example, enter 3 to monitor assets by 'last logon' from Active Directory in the last three
days.
- Policies (prior to version 3.0)
- Monitor your assets and cloud assets (AWS only) for missing endpoint protection agents, unmanaged devices, devices not scanned for vulnerabilities, and critical combinations with vulnerabilities with provided policies.
- Define custom policies based on asset metadata, security tool configuration data, and vulnerabilities to monitor asset compliance with your internal security standards.
- Chain policies together so you can monitor assets in hierarchical categories.
- Filter assets by using custom fields in your CMDB CI classes in policies.
- Exclude assets from your audits and monitoring that match other policies or assets with approved exceptions in Integrated Risk Management (IRM).
- Service Graph Connectors
- The application supports 31 Service Graph Connectors for various security and IT tools in the enterprise to import and consolidate asset data to provide you insights on your security posture.
- Key insights and custom insights
- Monitor critical metrics about your asset security posture and security tool coverage by creating custom insights.
|
Xanadu |
- Mitigation Controls Monitoring with Security Posture Control
- From within the Security Posture Control workspace, detect mitigation controls of various types as described by MITRE on all on-premise and cloud enterprise assets. Gain insight into which threats to your assets are mitigated by available mitigation controls based on how various security tools are configured.
- Activate mitigation control policies that are included with the application that identify MITRE mitigations on your assets.
- Identify your assets that have Web Application Firewall (WAF) protection with supported tools that include F5 BIG-IP. Automatically map a WAF mitigation to vulnerable items by analyzing the policy signatures in the firewall and the Common Vulnerabilities and Exposures (CVE) information.
- Identify exploit mitigation controls from endpoint protection or Endpoint Detection and Response (EDR) tools like CrowdStrike and Microsoft Defender. Automatically map the EDR exploit mitigation controls to relevant vulnerable items by analyzing the vulnerability information and the EDR mitigation control configuration.
- Populate vulnerable items with relevant attributes that can be used in your Vulnerability Response risk calculator rules.
- Import agent information from the SentinelOne product into your ServiceNow AI Platform® with the Service Graph Connector for Sentinel One.
- Import asset data from the Splunk product into your ServiceNow AI Platform® with the Service Graph Connector for Splunk.
- Enhancements to custom insights in the Security Posture Control Workspace
- The name of the Custom insights module has been changed to the Configured insights module in the Security Posture Control Workspace.
You must assign groups to organize your reports by categories when you create custom insight records. Groups determine where your data visualizations are displayed on
the dashboard in the Configured insights module according to the criteria you set.
- Enhancements to the Condition policy builder in the Policies and findings module
- Select With aggregated data for Connection to ensure that your policy matches assets that have slight variations in reported data. The following properties for policies for
hardware assets are supported as they’re reported by different sources:
- Host name
- FQDN
- OS
- OS Version
- OS Domain
- OS Service Pack
- Test result and remediation task state transitions
- Enhancements to policy audits ensure that retired assets are not evaluated by activated policies. If the state of an asset transitions from Retired back to Active, it is included
in the next policy evaluation.
|
Changes
Between your current release family and Xanadu, some changes were made to existing Security Posture Control features.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Removed
Between your current release family and Xanadu, some Security Posture Control features or functionality were removed.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Deprecations
Between your current release family and Xanadu, some Security Posture Control features or functionality were deprecated.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Activation information
Review information on how to activate Security Posture Control.
| Release |
Release notes |
Washington DC |
Install the Security Posture Control Core, Asset Security Posture Management (ASPM), and the Configuration Compliance applications for Security Posture Control by requesting them from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Xanadu |
Install Security Posture Control by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
|
Additional requirements
If any additional requirements were introduced or changed for Security Posture Control we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Browser requirements
If any specific browser requirements were introduced or changed for Security Posture Control we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Accessibility information
Review details on accessibility information for Security Posture Control, such as specific requirements or compliance levels.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Localization information
If there are specific localization considerations for Security Posture Control we have noted them here.
| Release |
Release notes |
Washington DC |
No updates for this release. |
Xanadu |
No updates for this release. |
Highlight information
If there are specific highlight considerations for Security Posture Control we have noted them here.
| Release |
Release notes |
Washington DC |
- Use the policies included with the application or create your own policies to audit and monitor assets for security tool coverage, compliance with internal configuration standards for security tools, critical combinations
involving vulnerabilities, and possible internet exposure.
- Search for assets in your CMDB based on queries for specific service graph connector and ServiceNow products or for assets that have specific data. You can save your search criteria as a policy.
- Create custom insights on a dashboard and monitor important metrics for your asset security posture.
- Identify priority vulnerabilities and drive resolution through insights from Security Posture Control in Vulnerability Response risk calculators and remediation target rules.
- Automate remediation workflows for security gaps by publishing findings from Security Posture Control policies into Configuration Compliance.
See Security Posture Control for more information.
|
Xanadu |
- Use the policies included with the application or custom policies that you create to monitor your assets for overall security tool coverage, compliance with internal configuration standards, critical combinations of security
gaps and vulnerabilities, and possible internet exposure.
- Search for assets based on queries that you create for data from a wide variety of supported API integrations (service graph connectors) or ServiceNow products.
- Create custom insights and monitor important metrics from a dashboard. Report on your overall security posture to IT, IT and security managers, and other key stakeholders.
- Identify priority vulnerabilities and drive resolution through insights from Security Posture Control in Vulnerability Response risk calculators and remediation target rules.
- Gain insight into which threats to your assets are mitigated by available mitigation controls based on how various security tools are configured with Mitigation Controls Monitoring.
- Automate remediation workflows for security gaps by publishing findings from Security Posture Control policies in the ServiceNow®
Configuration Compliance application.
See Security Posture Control for more information.
|