0
30.0.1
Zurich, Yokohama, Xanadu
Note:
- Versions 30.0.X are part of the Innovation Lab (Early Access) release for Unified Security Exposure Management (USEM). These versions are intended for sub-production environments and a limited number of selected customers participating in the USEM Innovation Lab program.
- Upgrade Guidance: If you're not part of the USEM Innovation Lab program and want to upgrade without USEM, please select the latest GA version below 30.x.
The Vulnerability Response integration with the Fortify on Demand product imports applications and application vulnerabilities to use with Application Vulnerability Response. Application Vulnerability Response is a feature in the ServiceNow Vulnerability Response application that helps you prioritize and remediate application vulnerabilities.
This integration imports applications and application vulnerabilities that result from Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) into the Application Vulnerability Response feature. Some features of this integration:
- Data import - Scheduled jobs run automatically in your Now Platform instance to import applications, scan summaries, and application vulnerable items.
- CI Lookup Rules - Lookup rules are used to search for configuration items (CIs) in the CMDB with matching information from the Fortify Application Vulnerability Integration.
- Changed:
- Modified integrations to adopt standardized data model and modularized feature sets for Application Vulnerability Response (AVR).
- Initial release:
-
- If Fortify Application Vulnerability Integration for SecOps is installed, a tile to review the integration status run is displayed in the Administration Console.
- The following app for Vulnerability Response must be installed and activated:
- Vulnerability Response
- Permissions and roles
- Role required: System Admin (admin) or Application Security Manager (a user who is a member of the App-Sec Manager group)