0
30.3.3
Australia, Zurich, Yokohama Patch 6, Yokohama, Xanadu Patch 9, Xanadu
Integration
Note:
This app version is intended for Unified Security Exposure Management (USEM), a significant architectural upgrade to the Vulnerability Response applications.
If you are currently using Vulnerability Response and upgrading to USEM for the first time, you must use the Migration assistant for Unified Security Exposure Management to ensure a safe and successful upgrade. For full details, please refer to the KB2556844 and documentation before proceeding.
If you do not intend to upgrade to USEM, please select a version below 30.x when installing or upgrading.
The Vulnerability Response Integration with Tenable built by ServiceNow imports data from the Tenable.io, Tenable.sc, and Tenable.cs products. The integrations can help you prioritize and remediate Tenable vulnerabilities and identify and fix misconfigured assets found by the Tenable.io product.
- The Vulnerability Response Integration with Tenable application is built by ServiceNow and designed specifically to integrate the Tenable.io and Tenable.sc products seamlessly with Vulnerability Response.
- Using the Tenable.io integration with Configuration Compliance, identify configuration-related vulnerabilities on your assets and verify that your assets are in compliance with your policies and controls.
- Use the Setup Assistant in Vulnerability Response to configure the integration credentials and application parameters.
- Compare imported data from the Tenable platform with the existing assets (configuration items) listed in the CMDB in your Now Platform instance.
- Create vulnerable items (VIs) when third-party vulnerabilities are matched with existing configuration items.
- Schedule jobs to run automatically for all the Tenable.io and Tenable.sc integrations. You can also execute any scheduled jobs on-demand.
- Set import filters on the Tenable.io and Tenable.sc vulnerabilities so that you import only the vulnerabilities you want.
- Verify VIs for specific vulnerabilities and configuration items that have been remediated by initiating rescans in Tenable.sc and Tenable.io on-demand directly from VI, remediation task, discovered item, and third-party vulnerability records in your instance.
Key Capabilities
- Automatically import vulnerabilities discovered by Tenable.cs in cloud hosts and container images into ServiceNow.
- Enable remediation workflows to triage, assign, and resolve the most critical vulnerabilities across cloud-native and containerized environments.
- Use the Setup Assistant to easily configure credentials and integration parameters—get started with minimal manual setup.
- Scheduled jobs periodically run to:
- Import findings from Tenable.cs
- Create Vulnerable Items (for cloud hosts)
- Create Container Vulnerable Items
New:
- The Tenable.io Compliance Results integration is now split into separate Open and Fixed integrations, significantly reducing ingestion time for large environments.
- You can now configure which identifier serves as the unique key for Tenable compliance tests, preventing test results from being unintentionally overwritten.
- Integration runs can now be split by severity levels (Critical, High, Medium, Low), for payload management and scalability for large data imports.
Changed:
- Improved column sizing for JSON-based integrations to better accommodate data field lengths.
Fixed:
- An issue where priority values from Tenable cloud findings (Cloud security posture management (CSPM)) were not imported into ServiceNow, causing inaccurate risk score calculations.
- Severity mapping for Tenable Web Application Scanning (WAS) integration and removed unnecessary setup assistant configuration.
- A failure in the Tenable.cs Cloud Container Asset integration caused by a backward-incompatible API change.The "Agent Exists" field which was incorrectly set to true for all discovered items from Tenable Security Center, even when the value was not provided.
Removed:
- 3DES algorithm-based data from out-of-box records for improved security.
- Hardcoded colors from integration run reports for better theme consistency.
- Required plugins and products:
- The Vulnerability Response application and its dependency plugins must be installed and activated.
- For more information on application compatibility with Vulnerability Response, see Vulnerability Response Compatibility Matrix and Release Schema Changes in the Supporting links section on this page.
- The Vulnerability Response Integration with Tenable supports the Tenable.sc product starting with version 5.9.
- Permissions and roles:
- Roles required:
- System Admin (admin) for installation
- Vulnerability Admin (sn_vul.vulnerability_admin) and Configure Integration (sn_vul_tenable.configure_integrations) for configuration
- Roles required: