Solutions

  • Products
  • Use Cases
  • Industries
  • EBOOK
  • Making it #EasyForEmployees
  • A guide with best practices for transforming the employee service experience.
  • WHITE PAPER
  • Modernizing government via ITSM
  • A research doc about government agencies’ digital transformation challenges.

Platform

  • REPORT
  • Gartner names ServiceNow a leader
  • 2018 Magic Quadrant for Enterprise High-Productivity Application PaaS.

Customers

  • CUSTOMER STORY
  • General Mills transforms HR
  • Global employee service experience shows entire corporation how it’s done.

Explore

  • PERSPECTIVE
  • Do you need an AI council?
  • Formal collaboration helps implement new technology safely and effectively.

Configure MID Server and Tenable

Configure your MID Server so Tenable SecurityCenter can communicate with ServiceNow.

  • The MID Server lets Tenable SecurityCenter talk to ServiceNow without firewall rules.
  • Create queries to send the most relevant vulnerabilities to Vulnerability Response.
  • Configure a query for high‑ and critical‑risk vulnerabilities.

Set up a MID Server that’s registered with the ServiceNow instance you’ll be using for Vulnerability Response. For more information, please refer to the ServiceNow product documentation.
 
Once your is MID Server configured, it allows your ServiceNow cloud instance to execute commands in your enterprise IT environment. In this case, it allows your on‑premises Tenable SecurityCenter to communicate with your ServiceNow instance without having to create special firewall rules.

Take a look at Figure 1 to see how Tenable SecurityCenter integrates with ServiceNow.

Figure 1: The architecture of the integration of the Tenable SecurityCenter with ServiceNow

Step 1: Configure a SecurityCenter account to use with ServiceNow

  • From the Users drop‑down list, select New.
  • Click +Add to create a new user account.
  • Fill in the fields with the relevant information.
  • From the Role drop‑down list under Membership, select Security Manager.
  • From the Group drop‑down list, select Full Access. (See Figure 2.)
  • Under Group Permissions, enable Manage All Users and Manage All Objects and select the Full Access check boxes under User Permission and Object Permission. (see Figure 3.)
  • Click Submit.

 

Figure 2: Membership Role and Group selections

Figure 3: Group Permissions selections

This creates an account that allows ServiceNow to connect to SecurityCenter to retrieve the vulnerability data via the MID Server.

Step 2: Configure a query

Configure at least one query in Tenable SecurityCenter:

  1. Add a name.
  2. Add a description and tag (optional). 
  3. From the Type drop‑down list, select Vulnerability.
  4. From the Tool drop‑down list, select Vulnerability Detail List.

Figure 4: Configuring a Tenable SecurityCenter query

You’ll use this query in a later step, when you configure the Tenable SecurityCenter for the Vulnerability Response app in your ServiceNow instance.

Configure a filter query for high‑risk vulnerabilities

If you want to focus on managing high‑ to critical‑risk vulnerabilities (most organizations do): 

  1. From within the query you’re building, click +Add Filter
  2. In the Exploit Available  field, select  Yes
  3. In the Severity field, select  Critical, High.

Figure 5: Query filter selections for high‑ and critical‑risk vulnerabilities

When you apply these filters, ServiceNow only pulls in the vulnerabilities with existing exploits that have a high or critical severity. You can continue to tune the filter after the initial run with selections like Patch PublishedCVE ID, etc.

Discover the systems impacted by a specific vulnerability

If you are trying to determine which systems are impacted by a specific vulnerability—for example, if a new exploit is making headlines—create a query with the filter CVE ID. Yes, you can add multiple CVEs to this query.

When you do this, SecurityCenter sends only the items that match the CVE filters, and you get a prioritized list of configuration items to target for remediation right away.

Explore additional phases

Plan

You want to be sure everything is in place for a smooth, successful deployment.

Deploy

You want to be sure you’re following best practices during implementation.

Optimize

You’re up and running and want to get the most from your investment.

Extend

You’re ready to extend ServiceNow into other areas of your enterprise.

Thank You

Thank you for submitting your request. A ServiceNow representative will be in contact within 48 hours.

form close button

Contact Us

I would like to hear about upcoming events, products and services from ServiceNow. I understand I can unsubscribe any time.

  • By submitting this form, I confirm that I have read and agree to the Privacy Statement.