Container Vulnerability Response dashboard

  • Release version: Yokohama
  • Updated January 30, 2025

    Analytics and Reporting Solutions contain prepackaged Performance Analytics and Reporting content for use with other ServiceNow AI Platform products. This Platform Analytics Solution lets you track the volume, performance, and progress of vulnerabilities from initial analysis and detection to containment or remediation. You can filter reports by assignment group, exploits, risk rating, or state.

    Required ServiceNow AI Platform roles

    • ServiceNow AI Platform administrator (admin): Install and activate this Analytics and Reporting Solution and make any necessary changes to system properties.
    • Performance Analytics administrator (pa_admin): Review the indicators, breakdowns, widgets, and dashboards. Set up and start data collection. Share the dashboards with appropriate stakeholders.

    Access the Container Vulnerability Response dashboard

    To open the dashboard, navigate to All > Container Vulnerability Response > Overview.

    Important:
    Starting with version 2.2 of Container Vulnerability Response, this dashboard can also be viewed in the Next Experience UI. To view the dashboard in the new UI, navigate to Workspaces > Vulnerability Manager Workspace and select the Dashboards icon. Depending on your role, the default dashboard is displayed. To view other dashboards, select the drop-down next to the dashboard name. For more information, see Dashboards page in the Vulnerability Manager Workspace and Dashboards page in the IT Remediation Workspace.
    Note:
    • If you’re a new user, you can view the dashboards only from the workspaces.
    • If you are on Tokyo, you can view the dashboards in the Next Experience UI but with some functional loss.

    Container Vulnerability Management tabs

    This dashboard lets you see the vulnerabilities that are present in containers. You can view the vulnerabilities and their related data by region, age, services, and other breakdowns.

    The Overview tab provides the overall status of Container Vulnerability Management in the system.

    The Services tab shows Container vulnerable items impacting application services.

    The Service Owners tab shows Container vulnerable items impacting service owners.

    Breakdowns

    • Exploit Exists
    • Exploit Attack Vector
    • Exploit Skill Level
    • Remediation Target Status
    • Risk Rating
    • State
    • Assignment Group

    Data visualizations

    | Name | Type | Description |
    |---|---|---|
    | Container Vulnerabilities | Single score | Number of container vulnerabilities associated with one or more active container vulnerable items. |
    | Vulnerable Items (VIs) | Single score | Number of active (non-closed) container vulnerable items. |
    | Vulnerable Docker Images | Single score | Number of docker images associated with active container vulnerable items. |
    | VI Mean Time To Remediate (MTTR) | Single score | The mean time to remediate (close) a vulnerable item, displayed as a 30-day running average. |
    | Vulnerable Items Met Remediation Target | Single score | Percentage of closed container vulnerable items that have met their remediation target dates in the current and previous quarters. Remediation targets are calculated from the Last Opened date plus the number of days. |
    | Vulnerable Items by Risk Rating | Bar | Number of active container vulnerable items grouped by risk rating over the selected time span. |
    | Vulnerable Items by Age | Bar | Number of active container vulnerable items grouped by risk rating and age (in days). See the note below the table. |
    | Critical Container Vulnerable Items | List and Line | Number of active container vulnerable items with a critical risk rating, grouped by service. |
    | Overdue Critical Container Vulnerable Items | List and Line | Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service. |
    | High Container Vulnerable Items | List and Line | Number of active container vulnerable items with a high risk-rating, grouped by service. |
    | Overdue High Container Vulnerable Items | List and Line | Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service. |
    | Critical Container Vulnerable Items | List and Line | Number of active container vulnerable items with a critical risk rating, grouped by service owner. |
    | Overdue Critical Container Vulnerable Items | List and Line | Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service owner. |
    | High Container Vulnerable Items | List and Line | Number of active container vulnerable items with a high risk-rating, grouped by service owner. |
    | Overdue High Container Vulnerable Items | List and Line | Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service owner. |

    Note (Vulnerable Items by Age):
    Customizing the Age and Age closed calculation for container vulnerable items (CVIs) may lead to a sharp rise or drop in the Performance Analytics (PA) reports that include these metrics. For more information on how to customize the calculation of Age and Age closed for CVIs, see the KB1703270 KB article.