Platform Analytics Solutions for Vulnerability Management

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Platform Analytics Solutions for Vulnerability Management

    Platform Analytics Solutions for Vulnerability Management provide prepackaged Performance Analytics and Reporting content designed to work with ServiceNow AI Platform products. This solution enables ServiceNow customers to track the volume, performance, and progress of vulnerabilities from detection through containment or remediation. Users can filter reports by various parameters such as assignment group, exploits, risk rating, or vulnerability state.

    Show full answer Show less

    The Performance Analytics for Vulnerability Response content pack is a separate subscription available from the ServiceNow Store and is not included automatically with the Vulnerability Response application. It includes two key dashboards:

    • Vulnerability Management (PA) dashboard
    • Vulnerability Management Chief Information Security Officer (CISO) dashboard

    Installation and Roles

    To implement this solution, the following roles and tasks are essential:

    • ServiceNow AI Platform administrator (admin): Responsible for installing and activating the solution and adjusting system properties as needed.
    • Performance Analytics administrator (paadmin): Manages indicators, breakdowns, widgets, dashboards, data collection, and sharing dashboards with stakeholders.

    It is recommended to install and test this solution in a non-production environment before enabling it in production. Customers should customize the provided configuration records to fit their production environment requirements.

    Key Terms

    • Performance Analytics (PA): A solution creating management dashboards and reporting on KPIs and metrics to help improve quality and reduce costs.
    • Vulnerable Item (VI): A security vulnerability detected by third-party scanners on configuration items (CIs).
    • Remediation Task: Automatically created tasks assigned to IT teams based on remediation efforts related to vulnerable items.
    • PA Indicator: A defined performance measurement tracked regularly, such as overdue critical vulnerable items.
    • PA Indicator Source: Data sets that filter records from tables or database views for analytics.

    Using the Dashboards and Real-Time Data Visualization

    ServiceNow customers can access the dashboards via the following navigation paths:

    • Vulnerability Management (PA) dashboard: Vulnerability Response > Overview
    • Vulnerability Management CISO dashboard: Vulnerability Response > CISO Dashboard

    The Vulnerability Management (PA) dashboard includes reports that can be viewed in real-time to monitor critical vulnerable items, enabling faster remediation. Real-time reports cover areas such as:

    • Vulnerable Items by Assignment Group
    • Vulnerable Configuration Items without Owners
    • Retired or Stolen Configuration Items with Active Vulnerabilities
    • Deferred Vulnerable Items and Deferral Requests
    • Unassigned Vulnerable Items

    Viewing these analytics in real time helps organizations prioritize and manage their vulnerability response effectively.

    Platform Analytics Solutions contain prepackaged Performance Analytics and Reporting content for use with other ServiceNow AI Platform products. This Analytics and Reporting Solution permits you to track the volume, performance and progress of vulnerabilities from initial analysis and detection to containment, or remediation. You can filter reports by assignment group, exploits, risk rating, or state.

    The Performance Analytics for Vulnerability Response content pack is not automatically installed with the Vulnerability Response application. It is available on the ServiceNow Store as a separate subscription.

    Performance Analytics for Vulnerability Response contains two dashboards:
    • Vulnerability Management (PA) dashboard
    • Vulnerability Management Chief Information Security Officer (CISO) dashboard

    Required roles, installation, and viewing the dashboards

    The following roles and tasks are associated with this Solution:
    • ServiceNow AI Platform administrator (admin): Install and activate this Analytics and Reporting Solution and make any necessary changes to system properties.
    • Performance Analytics administrator (pa_admin): Review the indicators, breakdowns, widgets, and dashboards. Set up and start data collection. Share the dashboards with appropriate stakeholders.

    To install this application, see Install and configure the Performance Analytics for Vulnerability Response [PA] application.

    Note:
    Set up and test Analytics and Reporting Solutions on a non-production instance before enabling them in production.

    Analytics and Reporting Solutions provide all the configuration records required to analyze default applications. Customize these records for use in your production environment. For more information, see Configure Analytics and Reporting Solutions.

    To view the vulnerability Management (PA) dashboard, navigate to Vulnerability Response > Overview > .

    To view the Vulnerability Management CISO dashboard, navigate to Vulnerability Response > CISO Dashboard > .

    Key terms

    Performance analytics (PA)
    Solution that creates management dashboards, reports on KPIs and metrics, and answers key business questions to help increase quality and reduce costs.
    Vulnerable item (VI)
    A security vulnerability reported by a third-party vulnerability scanner that is present on a configuration item (CI).​
    Remediation task
    Remediation tasks are created and assigned automatically to IT teams based on the group that is associated with the vulnerable items in a remediation effort. IT teams and remediation owners view remediation tasks in the IT Remediation Workspace. See Vulnerability Response Workspaces for more information
    .
    PA indicator​
    Defines a performance measurement taken at regular intervals of a business service, activity, or organizational behavior, for example, Non-Deferred Overdue Critical Vulnerable Items​.
    PA indicator source
    Data sets that filter records from one table or database view, for example, VI Active​.

    View data visualizations in real-time

    To see what is happening today with the most critical items in your Vulnerability Response application, you can view certain reports on the Vulnerability Management (PA) dashboard in real-time. Viewing these reports on-the-fly helps you manage your most important vulnerable items (VIs) and remediate them quickly. You can view the following reports in real time:
    • Overview tab - Vulnerable Items by Assignment Group
    • Vulnerable CIs tab
      • Vulnerable Configuration Items (CIs) without Owners
      • Retired or Stolen CIs with Active VIs
    • Exceptions tab
      • Deferred Vulnerable Items by Reason
      • Deferral Requests About to Expire
      • Deferred Vulnerable Items by CIO Manager
    • Remediation tab - Unassigned Vulnerable Items

    For more information, see View Performance Analytics for Vulnerability Response [PA] reports in real time.