The Snyk Vulnerability Intelligence for SBOM app brings Snyk package vulnerability intelligence to SBOMs stored in ServiceNow for a more accurate understanding of risk within the enterprise software supply chain. Snyk’s data inside ServiceNow will help users prioritize vulnerabilities based on severity and whether or not the impacted applications are business critical.
Together, Snyk and ServiceNow help users:
Know your open source risk level
- Snyk identifies vulnerabilities in your internally-developed and purchased software
- Create ServiceNow rules to know when new vulnerabilities in important applications are found
- Search for high-profile vulnerabilities to quickly know if you’re at risk
- View your current risk level via dashboards
Prioritize using intelligence
- See which applications and packages are impacted by vulnerabilities
- Snyk provides severity ratings using multiple sources for prioritization
- Use the severity of the vulnerability within the context of the application for granular prioritization
Remediate faster and easier
- Get Snyk remediation guidance to fix issues quickly
- Assign and track remediation using ServiceNow workflows
- Verify the fix with a rescan to ensure nothing is missed
- Use the same process to remediate SBOM and other application vulnerabilities
- Ability to filter components and fetch issues of the filtered components from Snyk into ServiceNow as Vulnerabilities.
- Ability to link SBOM components and vulnerabilities along with fixed packages using the scheduler.
- Dashboard for visibility of Snyk-specific data with different visualization.
Xanadu Compatibility
The following dependencies should be installed:
- SBOM Response
- Data Model for SBOM
- Security Support Orchestration
- Security Support Common
- Security Integration Framework
- Vulnerability Response
- SBOM Core