Note:
- Versions 30.0.X are part of the Innovation Lab (Early Access) release for Unified Security Exposure Management (USEM). These versions are intended for sub-production environments and a limited number of selected customers participating in the USEM Innovation Lab program.
- Upgrade Guidance: If you're not part of the USEM Innovation Lab program and want to upgrade without USEM, please select the latest GA version below 30.x.
Vulnerability Response Integration with Veracode imports applications and application vulnerabilities using Application Vulnerability Response. Application Vulnerability Response is a feature in Vulnerability Response that helps you prioritize and remediate vulnerabilities.
The integration imports applications and application vulnerabilities resulting from Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA), manual penetration testing results, and Software Bills of Materials (SBOMs) from Veracode into the Application Vulnerability Response feature. Some features of this integration:
- CI Lookup Rules - Lookup rules are used to search for configuration items (CIs) in the CMDB with matching information from the Veracode Vulnerability Integration.
- A shared API ingests DAST, SAST, SCA data and manual penetration testing results.
- A separate API is used to ingest SBOM data.
- Changed
- Modified integrations to adopt standardized data model and modularized feature sets for Application Vulnerability Response (AVR).
- Initial release
- If Vulnerability Response Integration with Veracode for SecOps is installed, a tile to review the integration status run is displayed in the Administration Console.
The following applications must be installed and activated:
- Vulnerability Response.
- ServiceNow Software Bill of Materials applications are required to view the data you import with the Veracode Software Bill of Materials (SBOM) Integration.
For information on Vulnerability Response application compatibility, see "Vulnerability Response and Configuration Compliance Compatibility Matrix" under Supporting Links and Docs.
Permissions and roles
- Role required: System Admin (admin) or Application Security Manager (User part of App-Sec Manager group)