0
30.0.0
Zurich, Yokohama, Xanadu
Note:
- Versions 30.0.X are part of the Innovation Lab (Early Access) release for Unified Security Exposure Management (USEM). These versions are intended for sub-production environments and a limited number of selected customers participating in the USEM Innovation Lab program.
- Upgrade Guidance: If you're not part of the USEM Innovation Lab program and want to upgrade without USEM, please select the latest GA version below 30.x.
The Vulnerability Response Integration with Tenable built by ServiceNow imports data from the Tenable.io, Tenable.sc, and Tenable.cs products. The integrations can help you prioritize and remediate Tenable vulnerabilities and identify and fix misconfigured assets found by the Tenable.io product.
- The Vulnerability Response Integration with Tenable application is built by ServiceNow and designed specifically to integrate the Tenable.io and Tenable.sc products seamlessly with Vulnerability Response.
- Using the Tenable.io integration with Configuration Compliance, identify configuration-related vulnerabilities on your assets and verify that your assets are in compliance with your policies and controls.
- Use the Setup Assistant in Vulnerability Response to configure the integration credentials and application parameters.
- Compare imported data from the Tenable platform with the existing assets (configuration items) listed in the CMDB in your Now Platform instance.
- Create vulnerable items (VIs) when third-party vulnerabilities are matched with existing configuration items.
- Schedule jobs to run automatically for all the Tenable.io and Tenable.sc integrations. You can also execute any scheduled jobs on-demand.
- Set import filters on the Tenable.io and Tenable.sc vulnerabilities so that you import only the vulnerabilities you want.
- Verify VIs for specific vulnerabilities and configuration items that have been remediated by initiating rescans in Tenable.sc and Tenable.io on-demand directly from VI, remediation task, discovered item, and third-party vulnerability records in your instance.
Key Capabilities
- Automatically import vulnerabilities discovered by Tenable.cs in cloud hosts and container images into ServiceNow.
- Enable remediation workflows to triage, assign, and resolve the most critical vulnerabilities across cloud-native and containerized environments.
- Use the Setup Assistant to easily configure credentials and integration parameters—get started with minimal manual setup.
- Scheduled jobs periodically run to:
- Import findings from Tenable.cs
- Create Vulnerable Items (for cloud hosts)
- Create Container Vulnerable Items
- Changed:
- Modified integration to adopt standardized data model and modularized feature sets across Vulnerability Response (VR), Container Vulnerability Response (CVR), and Configuration Compliance (CC).
- Initial release:
-
- If Vulnerability Response Integration with Tenable for Security Operations is installed, a tile to review the integration status run is displayed in the Administration Console.
- Required plugins and products:
- The Vulnerability Response application and its dependency plugins must be installed and activated.
- For more information on application compatibility with Vulnerability Response, see Vulnerability Response Compatibility Matrix and Release Schema Changes in the Supporting links section on this page.
- The Vulnerability Response Integration with Tenable supports the Tenable.sc product starting with version 5.9.
- Permissions and roles:
- Roles required:
- System Admin (admin) for installation
- Vulnerability Admin (sn_vul.vulnerability_admin) and Configure Integration (sn_vul_tenable.configure_integrations) for configuration
- Roles required: