Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Support

Integrating Invicti Enterprise with ServiceNow Vulnerability Response (Plugin)

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

ServiceNow Vulnerability Response is a vulnerability management tool that helps organizations track, prioritize, and share tasks across departments to resolve vulnerabilities.

You can integrate Invicti Enterprise with ServiceNow Vulnerability Response to send vulnerabilities identified by Invicti Enterprise to ServiceNow Vulnerability Response. 

Integrating Invicti Enterprise with ServiceNow Vulnerability Response helps you to increase security in your environment.

For further information, refer to Streamline your vulnerability response with Invicti’s ServiceNow integration.

This article explains how to set up an integration for Invicti Enterprise with ServiceNow Vulnerability Response using an update set plugin.

Integrating Invicti Enterprise with ServiceNow Vulnerability Response

There are three steps to this integration:

  1. Download the ServiceNow Vulnerability Response update set
  2. Set up the connection with ServiceNow Vulnerability Response
  3. Configure ServiceNow Vulnerability Response with Invicti Enterprise

Follow the instructions below for each step to integrate Invicti Enterprise with ServiceNow Vulnerability Response, then create a sample issue to test the connection.

Step 1: How to download the ServiceNow Vulnerability Response update set

  1. Log in to Invicti Enterprise.
  2. From the main menu, select Integrations > New Integration.
  3. Select ServiceNow Vulnerability Response.

  1. Click Download Plugin.

You now have the necessary file to continue with Step 2 to set up the connection with ServiceNow Vulnerability Response.

Step 2: How to set up the connection with ServiceNow Vulnerability Response

  1. Log in to your ServiceNow platform.
  2. Search for 'system update sets', then select Retrieved Update Sets from the search results.

  1.   Click Import Update Set from XML.

  1. Click Choose File and select the Invicti Enterprise Vulnerability Response file that you downloaded in Step 1. Then click Upload.

  1. Click on the file name Invicti Enterprise Vulnerability Response to open the file.

  1. Click Preview Update Set.

  1. Click Close when the Update Set Preview dialog box indicates the action has succeeded.

  1. Click Commit Update Set.

  1. Click Close when the Update Set Commit dialog box indicates the action has succeeded.

Invicti Enterprise is now connected with your ServiceNow Vulnerability Response instance. Continue with Step 3 to configure ServiceNow Vulnerability Response with Invicti Enterprise.

Step 3: How to configure ServiceNow Vulnerability Response with Invicti Enterprise

  1. Log in to Invicti Enterprise.
  2. From the main menu, select Integrations > New Integration.
  3. Select ServiceNow Vulnerability Response.

  1. Enter the following information:
  • Name: This is the name for the integration.
  • URL: This is the URL for your ServiceNow platform.
  • Username: This is your ServiceNow Username.
  • Password: This is your ServiceNow Password.

  1. Click Load ServiceNow Details. If the connection is successful, the Vulnerability Response Configuration section appears.

  1. In the Mandatory Fields section, edit the Title Format field if you want different information pulled into your ServiceNow Vulnerability Response application. The default fields are target, vulnerability, and severity. This is a free text field where you can add any mandatory fields that you want to pull from Invicti Enterprise into ServiceNow Vulnerability Response.

  1. Choose a template type for the vulnerability description: Standard (fewer issue fields) or Detailed (more issue fields). This determines the vulnerability information that is pushed into the Notes field on ServiceNow.

  1. Use the Optional Fields section to select additional fields you have configured in ServiceNow that you want to integrate with Invicti Enterprise.

    For example, in the image below we have selected Assignment group and Problem Analyzers, which are a defined group of people in our ServiceNow Vulnerability Response instance. This configuration means that detected vulnerabilities will automatically be sent to ServiceNow and assigned to the Problem Analyzers.

To add additional fields for configuration, click + Add Field.

  1. Select a configuration item from the drop-down list to match targets to your Vulnerability Response configuration.

  1. Click Save.

Your integration with ServiceNow Vulnerability Response is configured and ready to use. Follow the steps below to create a sample issue to test the integration.

Creating a sample issue to test integration

  1. From the Invicti Enterprise main menu, select Integrations > Manage Integrations.
  2. Next to the relevant ServiceNow integration, click Edit.

  1. Select Create Sample Issue.

Invicti Enterprise exports a sample issue to ServiceNow Vulnerability Response to test the integration. If successful, a ticket is opened in ServiceNow Vulnerability Response.

Troubleshooting

If you experience any issues while setting up the integration, contact our support team for assistance.

Updates

You will need to repeat these steps whenever the plugin file is updated.

Managing integrations

How to edit the ServiceNow Vulnerability Response integration

  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant Vulnerability Response integration, select Edit.
  3. Make the necessary changes, then click Save.

How to delete the ServiceNow Vulnerability Response integration

  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant Vulnerability Response integration, select Delete.
  3. On the Delete Integration pop-up, click Delete.

How to clone the ServiceNow Vulnerability Response integration

  1. From the main menu, select Integrations > Manage Integrations.
  2. Next to the relevant Vulnerability Response integration, select Clone.
  3. Make the necessary changes, then click Save.

Tip: You can clone your integration to create as many incident management integrations as you need. However, due to security precautions, passwords cannot be cloned.

Exporting vulnerabilities to ServiceNow Vulnerability Response

This section outlines the various ways you can send vulnerabilities from Invicti Enterprise to ServiceNow Vulnerability Response.

Notifications after scanning

Once the integration has been configured, you can configure Invicti Enterprise to automatically send issues to ServiceNow Vulnerability Response after scanning has been completed. For further information, see Managing Notifications.

Issues page

  1. From the main menu, select Issues > All Issues.
  2. On the Issues page, select one or more issues you want to send.
  3. Select Send To > ServiceNow Vulnerability Response.

A pop-up is displayed with a link to the issue you have sent to ServiceNow Vulnerability Response. If there is an error, this information will be displayed instead.

Recent Scans page

  1. From the main menu, select Scans > Recent Scans.
  2. Next to the relevant scan, select Report.
  3. Scroll down to the Technical Report section.
  4. From the list of detected issues, select an issue and display its details.

  1. Select Send To > ServiceNow Vulnerability Response.

You can view the issues you have sent to ServiceNow Vulnerability Response on the Open issues page.

If you have already previously submitted this vulnerability to ServiceNow Vulnerability Response, it will already be accessible. You cannot submit the same issue twice.

« Back to the Invicti Support Page

Top Articles

What is Invicti?

Overview of Scan Policies

Scheduling Scans

Managing Integrations

Built-In Reports

Invicti Help Center

Our Support team is ready to provide you with technical help.

Go to Help Center This will redirect you to the ticketing system.