Note:
This app version is intended for Unified Security Exposure Management (USEM), a significant architectural upgrade to the Vulnerability Response applications.
If you are currently using Vulnerability Response and upgrading to USEM for the first time, you must use the Migration assistant for Unified Security Exposure Management to ensure a safe and successful upgrade. For full details, please refer to KB2556844 and the documentation before proceeding.
If you do not intend to upgrade to USEM, please select a version below 30.x when installing or upgrading.
Vulnerability Response helps organizations respond faster and more efficiently to vulnerabilities, connects security and IT teams, and provides real-time visibility into your security posture. Vulnerability Response connects the workflow and automation capabilities of the Now Platform® with vulnerability scan data from leading vendors to give your teams a single platform for response that can be shared between security and IT.
The Vulnerability Response application includes the following capabilities:
- Automate the process of organizing vulnerabilities into a group and assigning it to the IT operations team.
- Prioritize vulnerabilities based on asset criticality and vulnerability severity.
- Improve the flow of work between Security and IT via a comprehensive remediation workflow.
- Import Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA) vulnerabilities, manual penetration test assessments, and application vulnerable items using the Application Vulnerability Response (AVR) feature, which helps you determine the impact and priority of flaws in your code and remediate them.
- Import information from the NIST National Vulnerability Database (NVD) with the Vulnerability Response Integration with NVD to better understand your vulnerability exposure.
- New vulnerable items ingested after a risk reduction is approved now automatically inherit the reduced risk rating and the corresponding SLA target.
- Remediation plan fields are now consistently displayed and editable across all finding types with state-aware behaviour: editable when awaiting implementation, read-only when resolved or closed.
- Integration drill-down is now supported for integrations built on the new integration framework, with a clear message shown when an integration is not supported by Vulnerability Response.
- Advanced Settings in the Security Exposure Management (SEM) workspace now provides a centralised panel for viewing and managing key system properties, including descriptions and configurable options.
- Integration run report status charts now use system theme-aware colors, ensuring consistent appearance in both light and dark modes.
- Import application vulnerability response data that includes application, Software Composition Analysis (SCA) and secrets data with the Wiz Application Vulnerability Response Integration.
- The sn_vul.rerun_task_rules system property for rerunning assignment rules was changed to sn_sec_rem.rerun_task_rules. Users must activate this property (set to 'true') in order to rerun assignment rules.
Fixed:
- An issue where using Split Task multiple times on the same vulnerability caused the page to redirect to an incorrect record instead of the newly created one.
- An issue where users with a dd/MM/yyyy date format received a "Planned end date must be in the future" error when creating a change from a remediation task in the workspace.
- An issue where reopening a resolved remediation task did not reopen its associated resolved vulnerable items.
- An issue where the substate reason was incorrectly cleared on vulnerable items during rollup and rolldown when multiple linked items had differing close reasons.
- A flickering issue on the Dashboard page when loading the IT Remediation and Vulnerability Manager workspaces.
- An issue where the Bulk Edit Unassign operation left background jobs stuck in a Processing state with no records updated.
- An issue where an application vulnerable item could not be closed after being marked as Resolved — the record remained in the Resolved state instead of transitioning to Closed.
- An issue where the Initial Detection and Last Open Detection widgets on the vulnerable item overview displayed the same port value regardless of which detection was referenced.
- An issue where Split Vulnerable Item (VI) by proof was not functioning correctly even when a vulnerability was explicitly added to the proof key configuration.
- An issue where a duplicate remediation task was created when a vulnerable item was reopened with the auto-defer property enabled.
- An issue where Vulnerability Assessments were not accessible from the Security Event Management (SEM) workspace.
- A regression where core Vulnerability Response workspaces (Vulnerability Manager, IT Remediation, SEM) were no longer visible in the Workspace menu after installation.
- An issue where the auto-close rule applied the wrong close note — items closed as Fixed were incorrectly labelled as Decommissioned.
- A performance issue where solution records were being updated repeatedly by a background process, causing excessive database writes.
- The following dependency plugins for Vulnerability Response must be activated:
  - com.snc.vul_dep plugin for Vulnerability Response Dependencies
- The following Security Operations applications must be installed and activated:
  - Security Integration Framework
  - Security Support Common
  - Security Support Orchestration
  - Security Exposure Management (requires entitlement from the store)
- Permissions and roles
  - Roles required:
    - System Admin (admin) for installation
    - For Configuration:
      - Application Security Manager (User part of App-Sec Manager group) for Application Vulnerability Response
    - For access to the Vulnerability Response Workspaces:
      - IT Remediation Workspace: sn_vul.remediation_owner
- Roles required: