Vulnerability Response workspaces overview

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Vulnerability Response Workspaces Overview

    The Vulnerability Response workspaces in ServiceNow Zurich release provide integrated environments tailored to different roles involved in managing vulnerabilities. These workspaces support Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance. They enable users to identify, prioritize, remediate, and manage vulnerabilities efficiently through a unified AI-powered platform.

    Show full answer Show less

    Workspaces and Roles

    • Vulnerability Manager Workspace: Enables vulnerability managers to protect assets by analyzing vulnerability data from various sources, prioritizing critical issues, and delegating remediation tasks to IT teams.
    • IT Remediation Workspace: Designed for IT specialists to monitor and resolve remediation tasks assigned by vulnerability managers, using tools such as patches, rescans, change requests, and exceptions all from one place.
    • Vulnerability Assessment Workspace: Supports vulnerability event managers in assessing exposure and managing critical vulnerability events proactively, including zero-day vulnerabilities.

    Key Features

    • Bulk Edit: Update multiple records simultaneously in the Vulnerability Manager Workspace to streamline vulnerability management.
    • Dashboards: Access comprehensive dashboards for Vulnerability Management, Approvals, CISO, Container and Application Vulnerability Management, and Remediation in respective workspaces using the Next Experience UI.
    • Remediation Task Management: Create, split, and request exceptions for remediation tasks manually in both Vulnerability Manager and IT Remediation Workspaces, enhancing flexibility in managing vulnerabilities.
    • Policy Exceptions: Request exceptions for vulnerable items and remediation tasks to manage compliance and risk effectively.
    • Vulnerability Crisis Management (VCM): Create and track critical vulnerability events to respond swiftly to high-impact threats.
    • Compensating Controls: Add and manage compensating controls in the Vulnerability Manager Workspace to mitigate risks.
    • Risk Reduction Requests: Initiate risk reduction requests for hosts and remediation tasks directly from the IT Remediation Workspace.
    • Issue Integration: Create agile and Jira issues for application and container vulnerabilities to facilitate collaboration and tracking outside ServiceNow.

    Practical Benefits for ServiceNow Customers

    These workspaces provide customers with a comprehensive, role-based approach to vulnerability management that enhances collaboration between security and IT teams. Customers can expect improved prioritization, streamlined remediation workflows, real-time tracking of critical events, and integration with external issue tracking systems. The solution supports efficient handling of vulnerabilities across various environments, helping organizations reduce risk and maintain compliance.

    The Vulnerability Manager and IT Remediation Workspaces support Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance.

    The Vulnerability Manager, IT Remediation, and Vulnerability Assessment Workspaces

    Vulnerability Manager Workspace
    As a Vulnerability Manager, protect your company's assets from malware and malicious attacks. From a single work area in your ServiceNow AI Platform®, with the Vulnerability Response application, along with current vulnerability data imported into your instance from vulnerability libraries and third-party scanner data applications, identify critical vulnerabilities and misconfigurations, prioritize them, and send lists of remediation tasks over to IT for their specialists to act on.
    IT Remediation Workspace

    As an IT specialist, use lists, or remediation tasks (RT) sent over by vulnerability managers to monitor and resolve critical vulnerabilities assigned to you or your groups. Fix groups of vulnerable items with patches, solutions, vulnerability rescans, change requests, exceptions, and other tools to remediate vulnerable items and test results all from one location.

    Vulnerability Assessment Workspace
    As a Vulnerability event manager, perform exposure assessment, and proactively manage critical vulnerability events especially during the critical vulnerability events such as a zero-day event.

    Key features

    The Vulnerability Response workspaces include the following features and enhancements.

    For more information about version compatibility with the family releases, refer to the KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes article in the HI Knowledge Base.