Key Features

• New Properties Module: Available since version 2.11.3, this module under Administration allows direct and user-friendly modification of system properties related to Container Vulnerability Response.
• Auto-Close Rules: Define advanced-condition rules to automatically close older or stale container vulnerability items (CVITs) based on filter criteria, improving management of outdated vulnerabilities.
• Customizable Age Calculations: Configure how the Age and Age Closed parameters for container vulnerable items are calculated using Created, Opened, or First Found dates, enhancing flexibility in tracking vulnerability timelines.
• Workspace Navigation Enhancements: Starting with Vulnerability Response version 24.0.6, search results open directly in the Vulnerability Manager Workspace or IT Remediation Workspace instead of the Classic UI, based on user roles and application scope.
• Role-Based Access: Users with the snvulcontainer.readall role can view all container vulnerable items in the Vulnerability Manager Workspace, while users with snvulcontainer.readassigned role can view and remediate assigned items in the IT Remediation Workspace.
• Improved Workspace List Navigation: Enabling the snvulcmnws.navigatetoworkspace system property lets predefined filter links open directly to the List page within the appropriate workspace based on user role.
• UI Customizations: You can now hide the record count on lists in both workspaces by adding table names to the glide.ui.list.seismic.omit.count property, and enable automatic refresh for the Home page dashboard's Container Vulnerabilities tab.
• Bulk Re-evaluation of Remediation Properties: Allows conditional reevaluation of assignments, remediation tasks, target dates, exceptions, and risk scores for all or selected container vulnerable items directly from the Vulnerability Manager Workspace.
• Performance Improvements: The Rollup scheduled job now uses multithreading by splitting into smaller child jobs, significantly speeding up the processing of container vulnerable item values.
• Prisma Registry Integration: Enables ingestion of static image findings from Prisma registry scans into Container Vulnerability Response, enhancing vulnerability data coverage.

Important Changes

• The privilege to delete container vulnerable items is no longer granted to the Admin role (snvul.vulnerabilityadmin) but to a new granular role snvul.delete.
• The Close button for remediation tasks has been removed from the Classic UI, Vulnerability Manager Workspace, and IT Remediation Workspace to streamline task management.
• Container Vulnerability Response is available through the ServiceNow Store; ensure activation details are reviewed for deployment.

Practical Considerations for ServiceNow Customers

• Use the new Properties module to tailor system behavior around container vulnerabilities efficiently without scripting.
• Leverage auto-close rules to reduce manual overhead by automatically managing outdated vulnerabilities.
• Adjust age calculations to better align vulnerability metrics with your organizational tracking needs.
• Take advantage of workspace enhancements and role-based access to optimize workflows and focus remediation efforts.
• Utilize bulk reevaluation features to maintain accurate and up-to-date remediation properties across your container vulnerability inventory.
• Plan to update roles and permissions according to the new privilege model to maintain proper governance.
• After upgrades or integrations, run provided quick start tests to validate that Container Vulnerability Response operates as expected, especially if customizations exist.