Integrate your Black Duck account with ServiceNow Vulnerability Response to prioritize and remediate application vulnerabilities.
Black Duck comes with three Integration steps:
Project List Integration - This integration step pulls and ingests data into the Black Duck projects table.
Application List Integration - This integration step ingests applications into discovered applications table for all the versions available with Black Duck Integration in projects table.
Application Vulnerable Item Integration : This integration step ingests vulnerable items into ServiceNow application based on the vulnerabilities detected by scanners for every discovered application in the system.
New:
- Identify and mitigate the open-source code vulnerabilities detected by Black Duck Software Composition Analysis (SCA) tool ingested into Application Vulnerability Response to reduce the risks.
-
The following app for Vulnerability Response must be installed and activated:
- Vulnerability Response
For information on Vulnerability Response application compatibility see, "Vulnerability Response and Configuration Compliance Compatibility Matrix" under Supporting Links and Docs.
Permissions and roles- Roles required:
- System Admin (admin)
- Application Security Manager (User assigned to App-Sec Manager group)