0
5.0.3
Yokohama, Xanadu, Washington DC, Vancouver
The Vulnerability Response Integration with Tenable built by ServiceNow imports data from the Tenable.io and Tenable.sc products. The integrations can help you prioritize and remediate Tenable vulnerabilities and identify and fix misconfigured assets found by the Tenable.io product.
- The Vulnerability Response Integration with Tenable application is built by ServiceNow and designed specifically to integrate the Tenable.io and Tenable.sc products seamlessly with Vulnerability Response.
- Using the Tenable.io integration with Configuration Compliance, identify configuration-related vulnerabilities on your assets and verify that your assets are in compliance with your policies and controls.
- Use the Setup Assistant in Vulnerability Response to configure the integration credentials and application parameters.
- Compare imported data from the Tenable platform with the existing assets (configuration items) listed in the CMDB in your Now Platform instance.
- Create vulnerable items (VIs) when third-party vulnerabilities are matched with existing configuration items.
- Schedule jobs to run automatically for all the Tenable.io and Tenable.sc integrations. You can also execute any scheduled jobs on-demand.
- Set import filters on the Tenable.io and Tenable.sc vulnerabilities so that you import only the vulnerabilities you want.
- Verify VIs for specific vulnerabilities and configuration items that have been remediated by initiating rescans in Tenable.sc and Tenable.io on-demand directly from VI, remediation task, discovered item, and third-party vulnerability records in your instance.
Key Capabilities
- Automatically import vulnerabilities discovered by Tenable.cs in cloud hosts and container images into ServiceNow.
- Enable remediation workflows to triage, assign, and resolve the most critical vulnerabilities across cloud-native and containerized environments.
- Use the Setup Assistant to easily configure credentials and integration parameters—get started with minimal manual setup.
- Scheduled jobs periodically run to:
- Import findings from Tenable.cs
- Create Vulnerable Items (for cloud hosts)
- Create Container Vulnerable Items
New:
The Vulnerability Response Integration with Tenable application now supports data ingestion from Tenable.cs, enabling you to bring in cloud and container vulnerabilities directly into ServiceNow. This integration enhances the ability to prioritize and remediate vulnerabilities identified in Tenable cloud resources and container images.
Fixed:
- Introduced a new instance parameter for page size.
- Correctly mapped Tenable.io serial number to the attribute.
- Test results received from Tenable with empty "check_name" caused display_name issue, which is fixed.
- Error handling is done for page limit exceed scenario.
- Skip updating Plugin family id for Tenable.io.
- Required plugins and products:
- The Vulnerability Response application and its dependency plugins must be installed and activated.
- For more information on application compatibility with Vulnerability Response, see Vulnerability Response Compatibility Matrix and Release Schema Changes in the Supporting links section on this page.
- The Vulnerability Response Integration with Tenable supports the Tenable.sc product starting with version 5.9.
- Permissions and roles:
- Roles required:
- System Admin (admin) for installation
- Vulnerability Admin (sn_vul.vulnerability_admin) and Configure Integration (sn_vul_tenable.configure_integrations) for configuration
- Roles required: