Vulnerability managers and IT asset and remediation managers have a common enemy: exploitable and vulnerable systems. With the latest releases, a reimagined user experience and new integrations will help your teams collaborate to reduce and harden your attack surface across your estate, including the cloud.

New workspaces for IT and vulnerability managers

As part of the modern user experiences being rolled out across the ServiceNow platform, ServiceNow has unveiled two new workspaces designed specifically to facilitate workflows across organizational lines:

In the Vulnerability Manager workspace users:

• Monitor the high-profile vulnerabilities that security teams in your organization care about the most with Watch Topics
• Create Remediation Efforts from these Watch Topics to focus IT teams on priority vulnerability resolution.
• Populate remediation tasks with IT-centric information to facilitate IT response
• Auto-assign to the groups authorized to manage the vulnerable items

The new IT Remediation Manager workspace highlights the vulnerability information in the context of other details to help the administrators get to work. They can easily identify the highest risk items and take appropriate action including responding back to the vulnerability manager about false positives or to request an exception. This integrated model helps both teams meet their goals to comply with SLAs and policies while quickly handling evolving and critical software vulnerabilities.

Tenable.io Integration for Configuration Compliance
You may already use Tenable to keep your CMDB up to date through the Vulnerability Response “Tenable for Assets” integration. However, it can be challenging to seamlessly migrate the data necessary for timely prioritization.

Now, after a Tenable scan is run, configuration test failures can be imported to ServiceNow for prioritization using ServiceNow Configuration Compliance. This enhancement means you can ingest critical configuration data from Tenable.io into the CMDB to inform risk ratings and vulnerability prioritization. Once Tenable.io data is in ServiceNow, the standard Configuration Compliance process is followed. With this integration you can:

• View configuration tests, test results, policies, and authoritative sources
• Prioritize test failures using the risk score calculator
• Integrate with ITSM change management for remediation

Application Penetration Test Requests in VR

Worried about how well you might hold up to an attack on the apps you manage or develop? Vulnerability response updates permit app owners to request a pen test, and then upload and manage test results in Vulnerability Response.

Wiz support for cloud vulnerability management

For customers who leverage Wiz to scan their cloud infrastructure for security issues, we have great news! Now, you can integrate Wiz with ServiceNow Vulnerability Response and gain a more complete view of your overall attack surface. Wiz provides in-depth analysis to help you monitor and prioritize the mitigation of vulnerabilities in your cloud.  Just import cloud vulnerability data from Wiz, then prioritize, assign, and monitor remediation efforts using Vulnerability Response.

Get started

These updates, while released with San Diego, also support previous releases. Visit the ServiceNow store or contact your administrator to get your new capabilities installed today and take the next step to transform your security operations.

.............................................................................................................................................................................

Join us for the The Now Platform San Diego event.

Mark your calendar for the Now Platform San Diego release broadcast  

Join us for the San Diego release broadcast —a global digital experience where we’ll be unveiling exciting, new innovations in the San Diego release across different markets.  

The broadcast digital event is April 6 and is part of the Knowledge Digital Experience. Your registration for this broadcast provides free access to all that the Digital Experience has to offer, including 200+ sessions beginning in May.

Make sure to watch the San Diego release introduction session with Dave Wright, chief innovation officer, as well as 21 sessions on demand, where we’ll highlight different ServiceNow^® products, innovations, demos, and the Now Platform. The times of the broadcasts are:

• AMS: April 6 at 9:00 am PT/12:00 pm ET,
• EMEA: 7 April at 8:00 am GMT/9:00 am CET
• APJ: 7 April at 9:00 am SGT /11:00 am AEST

................................................................................................................................................................................

© 2022 ServiceNow Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated. 

servicenow.com