Container Vulnerability Response dashboard
Summarize
Summary of Container Vulnerability Response dashboard
The Container Vulnerability Response dashboard, available in the Zurich release, is a prepackaged Analytics and Reporting Solution within the ServiceNow AI Platform. It enables customers to monitor the lifecycle of container vulnerabilities—from detection and analysis to containment or remediation. The dashboard provides filters by assignment group, exploit status, risk rating, and state to help prioritize and manage vulnerabilities effectively.
Show less
Access to the dashboard requires specific roles: the ServiceNow AI Platform administrator for installation and configuration, and the Performance Analytics administrator for reviewing indicators, managing data collection, and sharing dashboards with stakeholders.
Users can access the dashboard via the classic interface under All > Container Vulnerability Response > Overview, or through the Next Experience UI starting with Container Vulnerability Response version 2.2 by navigating to Workspaces > Vulnerability Manager Workspace. Role-based default dashboards are shown, with options to switch dashboards as needed.
Key Features
- Tabs:
- Overview: Displays the overall status of container vulnerability management.
- Services: Shows container vulnerabilities impacting application services.
- Service Owners: Displays container vulnerabilities affecting service owners.
- Breakdowns: Filter and analyze vulnerabilities by exploit existence, attack vector, skill level required, remediation target, status, risk rating, state, and assignment group.
- Data Visualizations:
- Single Score Widgets: Track key metrics such as the number of container vulnerabilities, active vulnerable items, vulnerable Docker images, mean time to remediate (MTTR), and percentage meeting remediation targets.
- Bar Charts: Display vulnerable items grouped by risk rating and age.
- Lists and Line Charts: Provide detailed views of critical and high-risk container vulnerable items and highlight overdue remediation grouped by service or service owner.
Practical Considerations
Customizing the calculation of Age and Age closed for container vulnerable items may significantly impact related Performance Analytics reports. Customers should refer to the relevant knowledge base article (KB1703270) before making such changes.
This dashboard helps ServiceNow customers prioritize container vulnerability remediation efforts by providing clear visibility into vulnerability status, risk levels, and remediation timelines, enabling more effective risk management and compliance.
Analytics and Reporting Solutions contain prepackaged Performance Analytics and Reporting content for use with other ServiceNow AI Platform products. This Platform Analytics Solution permits you to track the volume, performance, and progress of vulnerabilities from initial analysis and detection to containment, or remediation. You can filter reports by assignment group, exploits, risk rating, or state.
Required ServiceNow AI Platform roles
- ServiceNow AI Platform administrator (admin): Install and activate this Analytics and Reporting Solution and make any necessary changes to system properties.
- Performance Analytics administrator (pa_admin): Review the indicators, breakdowns, widgets, and dashboards. Set up and start data collection. Share the dashboards with appropriate stakeholders.
Access the Container Vulnerability Response dashboard
To open the dashboard, navigate to .
- If you’re a new user, you can view the dashboards only from the workspaces.
- If you are on Tokyo, you can view the dashboards in the Next Experience UI but with some functional loss.
Container Vulnerability Management tabs
This dashboard lets you see the vulnerabilities that are present in containers. You can view the vulnerabilities and their related data by region, age, services, and other breakdowns.
The Overview tab provides the overall status of Container Vulnerability
Management in the system.
The Services tab shows Container vulnerable items impacting application
services.
The Service Owners tab shows Container vulnerable items impacting
service owners.
Breakdowns
- Exploit Exists
- Exploit Attack Vector
- Exploit Skill Level
- Remediation Target Status
- Risk Rating
- State
- Assignment Group
Data visualizations
| Name | Type | Description |
|---|---|---|
Container Vulnerabilities |
Single score |
Number of container vulnerabilities associated with one or more active container vulnerable items. |
| Vulnerable Items (VIs) | Single score |
Number of active (non-closed) container vulnerable items. |
| Vulnerable Docker Images | Single score |
Number of docker images associated with active container vulnerable items. |
| VI Mean Time To Remediate (MTTR) | Single score |
The mean time to remediate (close) a vulnerable item, displayed as a 30-day running average. |
Vulnerable Items Met Remediation Target |
Single score |
Percentage of closed container vulnerable items that have met their remediation target dates in the current and previous quarters. Remediation targets are calculated from the Last Opened date plus the number of days. |
Vulnerable Items by Risk Rating |
Bar |
Number of active container vulnerable items grouped by risk rating over the selected time span. |
Vulnerable Items by Age |
Bar |
Number of active container vulnerable items grouped by risk rating and age (in days). Note: Customizing the Age and Age closed calculation for container vulnerable items (CVIs) may lead to a sharp rise or drop
in the Performance Analytics (PA) reports that include these metrics. For more information on how to customize the calculation of Age and Age closed for CVIs, see the KB1703270 KB article. |
Critical Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a critical risk rating, grouped by service. |
Overdue Critical Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service. |
High Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a high risk-rating, grouped by service. |
Overdue High Container Vulnerable Items |
List and Line |
Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service. |
Critical Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a critical risk rating, grouped by service owner. |
Overdue Critical Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service owner. |
High Container Vulnerable Items |
List and Line |
Number of active container vulnerable items with a high risk-rating, grouped by service owner. |
Overdue High Container Vulnerable Items |
List and Line |
Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service owner. |