Platform Analytics Solutions for Vulnerability Management

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Platform Analytics Solutions for Vulnerability Management

    Platform Analytics Solutions for Vulnerability Management provide prepackaged Performance Analytics and Reporting content designed to work with ServiceNow AI Platform products. This solution enables you to track the volume, performance, and progress of vulnerabilities from detection through remediation. Reports can be filtered by various criteria such as assignment group, exploits, risk rating, or state, facilitating targeted vulnerability management.

    Show full answer Show less

    Note that Performance Analytics for Vulnerability Response is not automatically installed with the Vulnerability Response application; it is available separately through a subscription on the ServiceNow Store.

    Key Features

    • Dashboards: The solution includes two primary dashboards:
      • Vulnerability Management (PA) dashboard
      • Vulnerability Management Chief Information Security Officer (CISO) dashboard
    • Role-based Access and Installation:
      • ServiceNow AI Platform administrator (admin): Responsible for installing, activating, and configuring the solution.
      • Performance Analytics administrator (paadmin): Manages indicators, dashboards, data collection, and sharing with stakeholders.
    • Prepackaged Configuration: Comes with default configuration records for analysis that can be customized to fit your production environment.
    • Real-time Reporting: The Vulnerability Management (PA) dashboard offers real-time reports to help you monitor and quickly remediate critical vulnerable items. Key reports include:
      • Vulnerable Items by Assignment Group
      • Vulnerable Configuration Items without Owners
      • Retired or Stolen Configuration Items with Active Vulnerabilities
      • Deferred Vulnerable Items, including reasons and deferral requests
      • Unassigned Vulnerable Items requiring remediation

    Practical Use and Navigation

    After installation, you can access the dashboards via the following paths in the ServiceNow interface:

    • Vulnerability Management (PA) dashboard: Vulnerability Response > Overview
    • Vulnerability Management CISO dashboard: Vulnerability Response > CISO Dashboard

    Key Terms

    • Performance Analytics (PA): A solution for creating dashboards and reporting KPIs to improve quality and reduce costs.
    • Vulnerable Item (VI): A security vulnerability detected on a configuration item by a third-party scanner.
    • Remediation Task: Tasks automatically assigned to IT teams to address vulnerabilities, viewable in the IT Remediation Workspace.
    • PA Indicator: Metrics measured regularly to track vulnerability management performance.
    • PA Indicator Source: Data sets that filter relevant records for analytics reporting.

    Recommendations

    It is strongly recommended to set up and test this Analytics and Reporting Solution on a non-production instance prior to production deployment to ensure configurations align with your environment and operational needs.

    Platform Analytics Solutions contain prepackaged Performance Analytics and Reporting content for use with other ServiceNow AI Platform products. This Analytics and Reporting Solution permits you to track the volume, performance and progress of vulnerabilities from initial analysis and detection to containment, or remediation. You can filter reports by assignment group, exploits, risk rating, or state.

    The Performance Analytics for Vulnerability Response content pack is not automatically installed with the Vulnerability Response application. It is available on the ServiceNow Store as a separate subscription.

    Performance Analytics for Vulnerability Response contains two dashboards:
    • Vulnerability Management (PA) dashboard
    • Vulnerability Management Chief Information Security Officer (CISO) dashboard

    Required roles, installation, and viewing the dashboards

    The following roles and tasks are associated with this Solution:
    • ServiceNow AI Platform administrator (admin): Install and activate this Analytics and Reporting Solution and make any necessary changes to system properties.
    • Performance Analytics administrator (pa_admin): Review the indicators, breakdowns, widgets, and dashboards. Set up and start data collection. Share the dashboards with appropriate stakeholders.

    To install this application, see Install and configure the Performance Analytics for Vulnerability Response [PA] application.

    Note:
    Set up and test Analytics and Reporting Solutions on a non-production instance before enabling them in production.

    Analytics and Reporting Solutions provide all the configuration records required to analyze default applications. Customize these records for use in your production environment.

    To view the vulnerability Management (PA) dashboard, navigate to Vulnerability Response > Overview > .

    To view the Vulnerability Management CISO dashboard, navigate to Vulnerability Response > CISO Dashboard > .

    Key terms

    Performance analytics (PA)
    Solution that creates management dashboards, reports on KPIs and metrics, and answers key business questions to help increase quality and reduce costs.
    Vulnerable item (VI)
    A security vulnerability reported by a third-party vulnerability scanner that is present on a configuration item (CI).​
    Remediation task
    Remediation tasks are created and assigned automatically to IT teams based on the group that is associated with the vulnerable items in a remediation effort. IT teams and remediation owners view remediation tasks in the IT Remediation Workspace. See Vulnerability Response Workspaces for more information
    .
    PA indicator​
    Defines a performance measurement taken at regular intervals of a business service, activity, or organizational behavior, for example, Non-Deferred Overdue Critical Vulnerable Items​.
    PA indicator source
    Data sets that filter records from one table or database view, for example, VI Active​.

    View data visualizations in real-time

    To see what is happening today with the most critical items in your Vulnerability Response application, you can view certain reports on the Vulnerability Management (PA) dashboard in real-time. Viewing these reports on-the-fly helps you manage your most important vulnerable items (VIs) and remediate them quickly. You can view the following reports in real time:
    • Overview tab - Vulnerable Items by Assignment Group
    • Vulnerable CIs tab
      • Vulnerable Configuration Items (CIs) without Owners
      • Retired or Stolen CIs with Active VIs
    • Exceptions tab
      • Deferred Vulnerable Items by Reason
      • Deferral Requests About to Expire
      • Deferred Vulnerable Items by CIO Manager
    • Remediation tab - Unassigned Vulnerable Items

    For more information, see View Performance Analytics for Vulnerability Response [PA] reports in real time.