Create Vulnerability Response vulnerable items

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Multiple methods create vulnerable items (VI). Most commonly, an integration to a vulnerability scanner is installed and configured to import results nightly. There are cases, like physical security vulnerabilities, when you might prefer to manually add vulnerable item records.

    Before you begin

    Role required: sn_vul.vulnerability_write

    About this task

    VIs that you create manually, and automatically-created VIs are automatically added and removed from remediation tasks by remediation task rules and group conditions.

    Procedure

    1. Navigate to All > Vulnerability Response > Vulnerable Items.
    2. Select a category to open the list.
    3. Click New.
    4. Fill in the fields on the form, as appropriate.
      For information on the vulnerable items fields see, Vulnerability Response vulnerable item form fields.
    5. Right-click in the form header and click Save.

      The remediation task rules evaluate the vulnerable item and add it to an existing task or creates a new task. If the evaluation fails, then the vulnerable item is added to Ungrouped Vulnerable Items list.

      When you save a new vulnerable item, all the enabled calculators run.
      Note:
      Only one calculator per Target field is allowed to be active at a time. When you activate one, any others with the same Target field are deactivated.
    6. You can click any of the related lists to view additional information.

      You can use the Related Link, Scan for Vulnerabilities to manually trigger a ServiceNow® -initiated scan. For information on how to configure a vulnerability scanner, see Configure and manage Qualys vulnerability scanners and scans.

      For a Qualys Vulnerability Integration, a default scanner is pre-installed in the Vulnerability Scanners module. This scanner is deactivated by default. Select the Active and Default check boxes to activate the Qualys scanner to work using the Scan for Vulnerabilities related link on the remediation task and vulnerable item forms.

      The following editing and remediation options become available from the header bar:

      • Update: Saves updates to the form.
      • Create Security Incident: Creates a security incident.
      • Close: Closes the item. If all items in its group are closed, the remediation task automatically closes.
      • Request Exception: Submits a request to defer an item.
      • Resolve: Resolves the item.
      • Delete: Removes the vulnerable item.