Integrating Invicti Enterprise with ServiceNow Vulnerability Response
ServiceNow Vulnerability Response is a vulnerability management tool that helps organizations track, prioritize, and share tasks across departments to resolve vulnerabilities.
You can integrate Invicti Enterprise with ServiceNow Vulnerability Response to import vulnerabilities identified by Invicti Enterprise into ServiceNow Vulnerability Response. Integrating Invicti Enterprise with ServiceNow Vulnerability Response helps you to increase security in your environment.
For further information, refer to Streamline your vulnerability response with Invicti’s ServiceNow integration.
This article explains how to integrate Invicti Enterprise with ServiceNow Vulnerability Response using an integration script.
ServiceNow Vulnerability Response Fields
This table lists and explains the ServiceNow Vulnerability Response Fields on the New ServiceNow Vulnerability Response page.
Assignee User ID
This is the name of the person who has been assigned the task.
This is the list of websites.
Website Group Name
This is the group to which a website belongs.
Integration Script Name
This is the name of the integration script. This name cannot be empty or contain any special character.
Generating and using Invicti Enterprise’s ServiceNow integration scripts
There are three steps to this:
- Generating the integration script in Invicti Enterprise.
- Installing the Vulnerability Response application to ServiceNow.
- Adding the script to ServiceNow Vulnerability Response
Step 1: How to generate the integration script
- Log in to Invicti Enterprise.
- From the main menu, go to Integrations > New Integration > ServiceNow Vulnerability Response.
- In the Assignee User Id field, enter a name. (For further information about the User Id, refer to How to Find the User Id at the end of this article.)
- In the Website drop-down, select a website.
- In the Website Group Name field, enter a group name, if any.
- In the Integration Script Name field, enter a name for your script.
- Select Generate.
Make sure you enter your User ID and User Token information into the script. For further information about your API information, refer to API Settings.
Step 2: How to install the Vulnerability Response application to ServiceNow
- Log in to ServiceNow Vulnerability Response.
- On the left navigation pane, type Applications to the filter navigator box. Then, from the All Available Applications, select All.
- From the All Applications section, type Vulnerability Response, then select Install/Update All.
- From the Install dialog, select Install. Wait for the installation to complete.
Step 3: How to add the script to ServiceNow Vulnerability Response
- On the left navigation pane, type Integrations to the filter navigator box. From the Vulnerability Response section, select Integrations.
- From the Vulnerability Integrations section, select New to create the script.
- On the New Record page, enter the following information:
- Name: Enter a friendly name for your integration script.
- Active: Select to activate the integration script.
- Run: From the drop-down, select the run interval.
- Time: Select the time interval for the integration script.
- On the Integration Details section, do the following:
- Next to the Integration Script field, select the search icon
- On the Script Includes window, select New.
- On the New Record window, enter a name.
This name and the integration script name you entered in Invicti Enterprise must be the same.
- Paste your script generated by Invicti Enterprise in the text area. Then, click Submit.
- Your script is saved. Now you must select it from the list. To do so, next to the Integration script field, select the search icon.
- From the Script Includes window, select your script from the list. After selecting, ServiceNow imports your script into the Integration Script field.
- From the Report processor strategy drop-down, select Custom Report Processor.
- Select the search icon, then select the Vulnerability Report Processor Base from the drop-down.
- Click Submit to save your script.
You can now select your script from the Vulnerability Integrations page and select Execute Now to run your script.
When you execute the script, ServiceNow Vulnerability Response runs your script based on the time interval you selected when creating the integration.
You can check whether ServiceNow runs your script successfully. To do so, you can check the Vulnerability Integration Runs tab.
To see all issues that ServiceNow Vulnerability Response has collected via the script, you can check the Third-Party section. To do so, on the left navigation pane, type Third-Party to the filter navigator box. Then, from Vulnerability Response, select Third-Party. You can view all issues and their details.
How to Find the User ID in ServiceNow Vulnerability Response
- On the left navigation pane, type Users to the filter navigator box.
- From the Organization section, select Users.
- From the Users section, select the User ID to assign the task.