ServiceNow Vulnerability Response helps you in tracking, prioritizing, and resolving vulnerabilities. The Vulnerability Response application imports and automatically groups issues according to group rules, allowing you to remediate vulnerabilities quickly.
You can integrate Invicti Enterprise with ServiceNow Vulnerability Response to import issues identified by Invicti Enterprise into the vulnerability response application. Integrating Invicti Enterprise with the Vulnerability Response helps you to increase security in your environment.
For further information, see Streamline your vulnerability response with Invicti’s ServiceNow integration.
This topic describes how to integrate it with Invicti Enterprise.
For further information, see What Systems Does Invicti Integrate With?.
ServiceNow Vulnerability Response fields
This table lists and explains the ServiceNow Vulnerability Response Fields in the New ServiceNow Vulnerability Response window.
Assignee User Id
This is the name of the person who has been assigned the task.
This is the list of websites.
Website Group Name
This is the group to which a website belongs.
Integration Script Name
This is the name of the integration script. This name cannot be empty and contain any special character.
Generating and using Invicti Enterprise’s ServiceNow integration scripts
There are three steps to this:
- Generating the integration script in Invicti Enterprise.
- Installing the Vulnerability Response application to ServiceNow.
- Adding the script to ServiceNow Vulnerability Response
Step 1. How to generate Invicti Enterprise's ServiceNow integration scripts
- Log in to Invicti Enterprise.
- From the main menu, go to Integrations > New Integration > ServiceNow Vulnerability Response.
- In the Assignee User Id field, enter a name. (For further information about the User Id, see How to find User Id.)
- In the Website drop-down, select a website.
- In the Website Group Name field, enter a group name, if any.
- In the Integration Script Name field, enter a friendly name for your script.
- Select Generate.
Make sure you enter your User ID and User Token information into the script. For further information about your API information, see API Settings.
The following section describes third-party software, and we cannot guarantee that this description will be up-to-date.
Step2. How to install the Vulnerability Response application to ServiceNow
- Log in to ServiceNow Vulnerability Response.
- On the left navigation pane, type Applications to the filter navigator box. Then, from the All Available Applications, select All.
- From the All Applications section, type Vulnerability Response, then select Install/Update All.
- From the Install dialog, select Install. Wait for the installation to be over.
Step3. How to add the script to ServiceNow Vulnerability Response
- Now, on the left navigation pane, type Integrations to the filter navigator box. From the Vulnerability Response section, select Integrations.
- From the Vulnerability Integrations section, select New to create the script.
- On the New Record page, enter the following information:
- Name: Enter a friendly name for your integration script.
- Active: Select to activate the integration script.
- Run: From the drop-down, select the run interval.
- Time: Select the time interval for the integration script.
- On the Integration Details section, do the following:
- Next to the Integration Script field, select the search icon
- On the Script Includes window, select New.
- On the New Record window, enter a name.
This name and the integration script name you entered in Invicti Enterprise must be the same.
- Paste your script generated by Invicti Enterprise in the text area. Then, select Submit.
- You saved your script; you now must select it from the list. To do so, next to the Integration script field, select the search icon.
- From the Script Includes window, select your script from the list. After selecting, ServiceNow imports your script into the Integration Script field.
- Now, from the Report processor strategy drop-down, select Custom Report Processor.
- Select the search icon, and select the Vulnerability Report Processor Base from the drop-down.
- Select Submit to save your script.
After these steps, you can select your script from the Vulnerability Integrations page and select Execute Now to run your script.
When you execute the script, ServiceNow Vulnerability Response runs your script based on the time interval you preferred while creating the integration.
You can check whether ServiceNow runs your script successfully. To do so, you can check the Vulnerability Integration Runs tab.
To see all issues the ServiceNow Vulnerability Response has collected via the script, you can check the Third-Party section. To do so, on the left navigation pane, type Third-Party to the filter navigator box. Then, from the Vulnerability Response, select Third-Party. You can view all issues and their details.
How to find User ID in ServiceNow Vulnerability Response
- On the left navigation pane, type Users to the filter navigator box.
- From the Organization section, select Users.
- From the Users section, select the User ID to assign the task.