Invicti Vulnerability Integration state mapping
The following source states from the Invicti Vulnerability Integration and their target states in your instance are listed in the following table.
Note:
If you have selected Manage exceptions and Manage False Positives to manage the state transitions for these types of application vulnerable items (AVITs) in your ServiceNow AI Platform® instance described in Configure the Invicti Vulnerability Integration, the source states that are imported from Invicti that might be mapped to deferred or closed states in your instance are mapped to the Open state.
| Invicti source states | Description of source states | Target state in the ServiceNow AI Platform |
|---|---|---|
| Present | The Issue is identified. | Open |
| Present, AcceptedRisk, Revived | The Issue has been considered and is marked as a low risk vulnerability. | Deferred |
| Present, False Positive | The Issue has been considered and is marked as not a genuine vulnerability. | Closed |
| FixedUnconfirmed, Fixed Unconfirmed | The Issue has been fixed but not confirmed by Invicti Enterprise. | Resolved |
| Fixed (Confirmed), FixedConfirmed, FixedConfirmed, AcceptedRisk, FixedConfirmed, False Positive | The Issue has been fixed and confirmed by Invicti Enterprise and no further action is required. | Closed |
| Fixed (Can't Retest) | The Issue has been identified but Invicti cannot retest to confirm whether the Issue has been fixed or not. | Resolved |
| Revived | The issue was fixed in previous scans but has been found again. | Open |
| Deferred, Ignored | The Issue was ignored by the user. In Invicti Enterprise, to ignore an issue, a user updates its status to “accepted risk”. | Risk Accepted |
Application release mapping
| Source Field | Target field on ServiceNow AI Platform |
| ID | source_app_id |
| CreatedAt | app_creation_date |
| UpdatedAt | app_updation_date |
| Name | app_name |
| RootUrl | Source_additional_info |
| Description | description |
| Tags | Tags |
Vulnerability mapping
| Source Field | Target field on ServiceNow AI Platform |
| Type | Category name |
| Vulnerability detail | Summary |
| Impact | Threat |
| Source references | Web references |
| Source recommendation | Solution |
| Type | source_entry_id/ID |
| Severity | source_severity |
| Classification[“Cwe”] | CWE list |
| CvssVectorString | CVVS v3 fields |
Scan summary mapping
| Source field | Target Field |
| Source | Source |
| TotalVulnerabilityCount | Detected_flaw_count |
| Initiated date | Dynamic scan date |
| id | source_scan_id |
Application vulnerable item (AVIT) mapping
| Source Field | Target field on ServiceNow AI Platform |
| Type | Scan type |
| Website ID | Source app ID |
| ID | Source AVIT ID |
| Last seen date | Last found |
| First seen date | First found |
| Last updated date | Last scan date |
| parameters | Affected parameter |
| URL | Affected URL |
| Severity | Source severity |
| Url | Source link |
| Vulnerability detail | Source vulnerability summary |
| External references | Source references |
| Remedy + Remedy references | Source recommendation |
| State | Source remediation status |
| Impact | Source vulnerability explanation |