If you are currently using Vulnerability Response and upgrading to USEM for the first time, you must use the Migration assistant for Unified Security Exposure Management to ensure a safe and successful upgrade. For full details, please refer to the KB2556844 and documentation before proceeding.
If you do not intend to upgrade to USEM, please select a version below 30.x when installing or upgrading.
Vulnerability Response Integration with Invicti imports applications and application vulnerabilities using Application Vulnerability Response. Application Vulnerability Response is a feature in Vulnerability Response that helps you prioritize and remediate application vulnerabilities.
Import applications and application vulnerabilities from Interactive Application Security Testing (IAST) and Dynamic Application Security Testing (DAST) with the Invicti Vulnerability Integration into the Application Vulnerability Response application. This integration supports the following features:
- Data import - Import applications, scan summaries, and application vulnerable items with scheduled jobs that run automatically.
- CI Lookup Rules - Search your CMDB with lookup rules for data on configuration items (CIs) that matches imports from the Invicti Vulnerability Integration.
- A Configuration page enables you to authenticate your API access.
- Invicti integrations that enable you to import the following information:
- Application List Integration - Applications that are scanned by Invicti.
- Scan List Integration - Data about the date and time a scan was run.
- Application Vulnerable Item - Invicti vulnerable item data.
New:
Invicti Platform Integration
- Added support for the Invicti Platform APIs and introduced three new integration jobs that connect directly to the Invicti Platform cloud service:
- Application Integration — Imports the list of applications being scanned in Invicti Platform into ServiceNow as discovered applications.
- Scan Integration — Pulls scan records from Invicti Platform, providing scan metadata to correlate with vulnerability findings.
- Vulnerability Integration — Imports application vulnerability findings from Invicti Platform and creates or updates application vulnerable items in Vulnerability Response in your ServiceNow AI Platform.
- Application lifecycle management — When an application is deleted or decommissioned in Invicti Platform, your ServiceNow AI Platform automatically deactivates the corresponding discovered application and closes all associated application vulnerable items (AVITs), keeping your vulnerability inventory accurate without manual cleanup.
-
The following app for Vulnerability Response must be installed and activated:
- Vulnerability Response
For information on Vulnerability Response application compatibility see, "Vulnerability Response and Configuration Compliance Compatibility Matrix" under Supporting Links and Docs.
Permissions and roles- Role required: System Admin (admin) or Application Security Manager (User part of App-Sec Manager group)