26.2.2
Zurich, Yokohama, Xanadu, Washington DC, Vancouver, Utah
Vulnerability Response helps organizations respond faster and more efficiently to vulnerabilities, connects security and IT teams, and provides real-time visibility into your security posture. Vulnerability Response connects the workflow and automation capabilities of the Now Platform® with vulnerability scan data from leading vendors to give your teams a single platform for response that can be shared between security and IT.
The Vulnerability Response application includes the following capabilities:
- New modern user experience through the Vulnerability Manager and IT Remediation Workspaces.
- Automate the process of organizing vulnerabilities into a group and assigning it to the IT operations team.
- Prioritize vulnerabilities based on asset criticality and vulnerability severity.
- Improve the flow of work between Security and IT via a comprehensive remediation workflow.
- Import Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA) vulnerabilities, manual penetration test assessments, and application vulnerable items to help you determine, prioritize, and remediate the impact and priority of flaws in your code using the Application Vulnerability Response (AVR) feature.
- Import information from the NIST National Vulnerability Database (NVD) with the Vulnerability Response Integration with NVD to better understand your vulnerability exposure.
- Fixed
- A scheduled job that rolls up exploits instead of keeping them as individual events. You might notice an improvement in performance.
- Date validation for vulnerable item (VIT) deferrals in the legacy UI. Valid dates are no longer rejected, and an error message is no longer displayed if you select dates within a 12-month period.
- Policy exception handling logic properly identifies the closed status of vulnerabilities. The system maintains vulnerabilities in the "Closed" state as expected when policy exceptions are applied.
- State management logic properly processes VIT states when a parent vulnerability is deleted during an active exception request review. The system updates the state of linked VITs as expected when their parent vulnerability is removed.
- Comment handling logic to prevent unintended state changes on vulnerability remediation tasks when comments are added to rejected or closed policy exceptions. The system maintains the current state of remediation tasks, regardless of comment activity on inactive policy exceptions.
- Enhanced vulnerability detection logic that maintains previously approved exception statuses. The system maintains the appropriate exception-approved state for VITs when the same vulnerability is detected again, preventing them from automatically transitioning back to an "Open" state.
- Logic handling for remediation target rules in the Application Vulnerability Response system. The system interprets and applies these rules as expected, ensuring that remediation targets are set appropriately based on the defined criteria.
- Rule evaluation engine so that it processes and applies conditions based on the risk ratings in remediation target rules as expected. The system interprets risk rating conditions and applies the appropriate remediation timeframes based on the configured rules.
- The data transfer mechanism between remediation tasks and change requests that maintains the Short description field. The system preserves the complete short description text when generating change requests from remediation tasks.
- UI rendering logic for the 'VI per CI Class' widget so that it displays only valid filter elements. Empty filter options are no longer offered.
- Refactored the affected business rules so that the current.update() method is implemented according to the platform's best practices. The implementation updates records with appropriate validation and error handling.
- Optimized the VulnerabilityUtils initialization process by implementing a more efficient approach to handle auto-close rules. The system uses a cached approach that only queries auto-close rules when they are needed, not during every initialization.
- The full text of a remediation task's Description field is copied to the change request's Description field, preserving the complete context when a change request is created from a remediation task. Additionally, the remediation task's Short description field content is copied to the change request's Short description field.
- The following dependency plugins for Vulnerability Response must be activated:
- com.snc.vul_dep plugin for Vulnerability Response Dependencies
- The following Security Operations applications must be installed and activated:
- Security Integration Framework
- Security Support Common
- Security Support Orchestration
- Permissions and roles
- Roles required:
- System Admin (admin) for installation
- For configuration:
- Application Security Manager (a user who is a member of the App-Sec Manager group) for Application Vulnerability Response
- For access to the Vulnerability Response Workspaces:
- IT Remediation Workspace: sn_vul.remediation_owner