The Vulnerability Response Integration with Claroty xDome & Medigate enables ServiceNow Vulnerability Response to ingest full details of vulnerabilities affecting Operational Technology (OT), Internet of Things (IoT), Internet of Medical Things (IoMT), Building Management System (BMS), and other Extended Internet of Things (XIoT) assets — all of which are automatically discovered and continuously monitored by Claroty’s xDome and Medigate platforms.
Since most XIoT assets cannot be safely or effectively scanned for vulnerabilities via standard tools, they are a common cybersecurity blind spot in industrial, healthcare, and commercial sectors. Claroty’s purpose-built, non-disruptive XIoT vulnerability and risk assessment methods rapidly reveal and contextualize these blind spots, which the integration then links to your assets in Vulnerability Response via the Service Graph Connector for Claroty xDome & Medigate
As a result, you can easily identify and confidently take action against all vulnerable assets — both IT and XIoT — enterprise-wide, all from a single-pane-of-glass viewpoint in ServiceNow. Not only does this lead to fewer cybersecurity blind spots, but it also equips you to seamlessly leverage your existing Vulnerability Response workflows to strengthen your risk posture.
- ServiceNow OT-Certified Vulnerabity Integration
- Import Vulnerabilities using the ServiceNow Vulnerability Integration framework and associate to XIoT asset discovered by the Service Graph Connector for Claroty xDome & Medigate
- Guided setup walks you through configuration to get you up and running in minutes
- Optionally push Vulnerability Status updates from ServiceNow out to Claroty xDome & Medigate to minimize swivel chair activities
- Full vulnerability and risk visibility across your organization’s XIoT assets — including OT, IoT, IoMT, IIoT, and BMS devices — as well as all other cyber-physical systems found in your industrial, healthcare, and/or commercial environments
- Merging of real-time XIoT vulnerability, risk, and related asset details from xDome or Medigate with your existing IT inventory in ServiceNow Vulnerability Response
- The ability to seamlessly extend your existing IT vulnerability triage, remediation, and security operations center (SOC) workflows to all XIoT assets and systems
- The ability to harness detailed XIoT security, risk, and operational context to optimize your investigation and response workflows for incidents involving XIoT assets
- Automated translation of all XIoT vulnerability, risk, and related asset details from xDome or Medigate into ServiceNow’s native OT data model, enabling you to use exported insights to support all Vulnerability Response workflows and additional use cases through ServiceNow’s Operational Technology Manager (OTM), Security Operations, and other products — all without any additional scripting or manual work
Version 1.0.05
- Added new filters to the setup page:
minimum avs
minimum eps
import only actively exploited vulnerabilities
vulnerability relevance filter
-Added xDome's fields to each vulnerability:
Vulnerability Type
Release Date
Detection Date
Adjusted Vulnerability Score
Recommendations
Source
Actively Exploited
EPSS Score
Vulnerability Labels
Vulnerability Assignees
Vulnerability Notes
-Fixed import bug which made the number of imported items very low.
Version 1.0.04
Imported vulnerability_note from xDome into SN and into Vulnerability table.
Version 1.0.03
This patch release fixes a few bugs from previous releases:
- Updates REST API calls to use proper boolean true/false values instead of string "true"/"false" to work with updated API requirements
- Fixes source severity mapping for Vulnerable Item risk scores
- Fixes bugs with bi-directional vulnerability updates
Version 1.0.02
This patch release refactors all REST API calls to execute synchronously to improve API response timeout issues which were affecting some customers. It also removes MID server support which was not needed for this cloud-to-cloud integration.
Version 1.0.01
This patch release fixes a bug in the API filter operands for the _handleFirstSeenFilter function which may have been preventing vulnerability imports for some customers.
Version 1.0.0
This initial release of the Vulnerability Response Integration with Claroty xDome & Medigate adds the ability to import Vulnerabilities detected on assets discovered by the Service Graph Connector for Claroty xDome & Medigate. Prioritize vulnerability management based on class, site, Purdue Level, FDA Class and any other discovered attributes.
- ServiceNow - San Diego (or later)
- ServiceNow Vulnerability Response
- Service Graph Connector for Claroty xDome & Medigate
- CMDB CI Class Models - 1.42.0
- Vulnerability Response Integration with NVD1.2.0
- System Import Sets