0
15.3.4
Yokohama, Xanadu, Washington DC, Vancouver
Configuration Compliance exposes configuration-related security vulnerabilities that have the highest impact on business operations. It streamlines the remediation process across frequently isolated information security, IT operations, and business process stakeholders.
The Configuration Compliance application includes the following capabilities:
- Using the Tenable.io integration with Configuration Compliance (CC), identify configuration-related vulnerabilities on your assets to verify that your assets are in compliance with your policies and controls.
- Secure Configuration Assessment (SCA) ecosystem integration - ServiceNow Configuration Compliance unifies configuration assessment, assignment, and remediation across all of your assets. Configuration scanning content can be imported from leading SCA applications such as Qualys Policy Compliance (PC) and Tenable.io.
- Asset-centric prioritization - Focus your limited remediation resources on activities with the greatest risk reduction.
- Remediation workflow orchestration - Configuration findings can be grouped and routed based on remediation specialist skill set and areas of responsibility. Intelligent workflows and tight integration with change management provides smooth task handoffs between groups.
- Continuous monitoring for ServiceNow Governance, Risk, and Compliance (GRC) risk assessment and policy compliance - When CC is used with ServiceNow GRC, the configuration tests in Configuration Compliance can be rolled up to their corresponding GRC controls in ServiceNow GRC.
- Enhanced change management - Create pre-populated change requests for IT directly from Configuration Compliance to help you with your remediation tasks that require additional resources.
- Dashboards - View the remediation status metrics on the remediation tasks, compliance tests, and policy records.
- Fixed :
- The scheduled job Rollup test result values to remediation task and configuration test will check the status of the previous background job before starting a new one.
- The Configuration Compliance application and its dependency plugins must be installed and activated.
- For more information on the Vulnerability Response and Configuration Compliance applications compatibility, see Vulnerability Response Compatibility Matrix and Release Schema Changes in the Supporting Links and Docs section on this page.
- The following Security Operations apps must be installed and activated:
- Security Integration Framework
- Security Support Common
- The Qualys Vulnerability Integration and the Tenable.io product in the Tenable Vulnerability Integration can be used with the Configuration Compliance.
- For more information about these integrations and their compatibility with Configuration Compliance, see Vulnerability Response Compatibility Matrix and Release Schema Changes in the Supporting Links and Docs section on this page.
- Permissions and roles:
- Roles required:
- System Admin (admin) for installation
- Configuration Compliance Admin (sn_vulc.admin) or admin for configuration
- Roles required: