Integrate your Tenable.io and Tenable.sc with ServiceNow Vulnerability Response

What's in this Success Playbook

By installing the Tenable™ for for Vulnerability Response application into your ServiceNow instance, you can import your SecurityCenter vulnerability data and act on it directly within ServiceNow, to reduce your overall attack surface. This Success Playbook will help you get started on your vulnerability management journey with ServiceNow by:

  • Outlining what’s required prior to installing the SecurityCenter application into your ServiceNow instance
  • Walking you through the steps to integrate SecurityCenter with ServiceNow
  • Offering guidance on how to properly configure the Tenable application 

Key takeaways

The most important things to know

  • When your Tenable SecurityCenter is integrated with your ServiceNow instance, you can pull data from the scanner into Vulnerability Response, prioritize vulnerable items based on business criticality, and assign tasks to IT workers from one console.
  • When items are closed in Vulnerability Response, the workflow can automatically initiate a rescan to ensure the patch was applied successfully and the vulnerability was mitigated.    

The payoff of getting this right

Effectively integrating Tenable SecurityCenter will help you prioritize and respond to vulnerabilities faster. 

Steps covered

Step 1: Configure MID Server and Tenable                

  • The MID Server lets Tenable SecurityCenter talk to ServiceNow without firewall rules.
  • Create queries to send the most relevant vulnerabilities to Vulnerability Response.
  • Configure a query for high- and critical-risk vulnerabilities.

Step 2: Download and install the app                 

  • Download the CVE catalog to get a list of all publicly known vulnerabilities.

Step 3: Configure the app            

  • Use queries to control the vulnerability types you see in ServiceNow.
  • Define CI matching rules to correlate vulnerable items to existing CIs.         
What you need to get started
What you need to get started
You need ServiceNow Vulnerability Response (either standalone or as part of Security Operations Professional or Enterprise) running Madrid Patch 4, Tenable.sc v5.7 or later—or Tenable.io, Tenable for Assets v2.5, and Tenable Connector v2.5.   If you need more information, you can look at the detailed installation and configuration information about Tenable for Assets and the Tenable Connector.
Tenable SecurityCenter 5.3 or later
When you should start this activity
When you should start this activity
You can start this activity as soon as you have both Tenable SecurityCenter and ServiceNow® Vulnerability Response in place.
Don't extend development capabilities to your organization until you have clear guidelines in place for customization and development.

Related resources

Success Checklist

Plan your architecture, instances, integrations, and data flows

Download our ready-made action plan to put the right technology foundations in place to support your ServiceNow implementation.

Gain insights, get custom action plans, and achieve your goals faster.

Our Success Navigator will assess where you are in your implementation and guide you, step by step, from vision to value.