0
32.0.7
Australia, Zurich, Yokohama Patch 6, Yokohama, Xanadu Patch 9, Xanadu
Integration
This app version is intended for Unified Security Exposure Management (USEM), a major architectural upgrade to Vulnerability Response applications.
If you are currently using Vulnerability Response and upgrading to USEM for the first time, you must use the Migration assistant for Unified Security Exposure Management to ensure a safe and successful upgrade.
For full details, please refer to the KB2556844 and documentation before proceeding.
If you do not intend to upgrade to USEM, please select a version of this app below 30.x when installing or upgrading.
The Wiz integrations import vulnerability and compliance data from Wiz scanners into your ServiceNow AI Platform instance to help you get deeper insights into your cloud infrastructure risks. These integrations provide you with a comprehensive assessment of your overall cloud security posture and drive remediation actions directly from the ServiceNow AI Platform.
The Vulnerability Response Integration with Wiz application includes the following key integrations:
- Wiz Asset Integration
- This integration is a prerequisite to run any of the other Wiz integrations. Import assets to which the findings from other subsequent integrations are linked to.
- Wiz Vulnerability Integration
- Import host vulnerability findings related to virtual machines and serverless assets in your cloud environment with Wiz’s Host Vulnerability Integration. These findings are mapped to Host Vulnerable Items (VITs) within the Vulnerability Response application to support remediation workflows.
- Import container image vulnerability data discovered by Wiz. Findings are mapped to container vulnerable items (CVITs) to support triage, risk prioritization, and targeted remediation workflows for container-based workloads.
- Wiz Configuration Compliance Integration (Wiz Test Results)
- Import configuration test results from Wiz to detect non-compliant cloud configurations. Findings are mapped to cloud test results (CTRs) in the Configuration Compliance application to help you enforce security policies and standards across your cloud environment.
- Wiz Issues Integration
- Import Wiz Issues that identify assets involved in toxic combinations of vulnerabilities and misconfigurations. These findings are also mapped to CTRs with 'Wiz Issues' labeled as the source to help you track and remediate assets that may pose complex multi-vector risks.
- Wiz Application list, Wiz SCA findings, and Wiz Secret findings integrations
- Import application, Software Composition Analysis (SCA), findings, Secrets (passwords, tokens and keys) data.
Changed:
- Resource Type is no longer a mandatory field for configuring the Vulnerability Response Integration with Wiz. You can now save Wiz configurations for the integrations without specifying a Resource Type, simplifying setup for use cases where specifying a Resource Type isn't appropriate.
- Enhancements and changes to the application to support internal security directives.
Fixed:
- An issue where very few configuration test results (CTRs) were created because Wiz cloud configuration findings were being matched by cloud account ID instead of by resource external ID and distinct resources were treated as the same configuration item (CI). Findings now match on external IDs, correctly creating a result per distinct resource.
- The following Security Operations plugins must be installed and activated:
- com.snc.security_support.vul
- com.snc.secops.orchestration
- The following applications must be installed and activated. These applications are available from the Servicenow Store:
- Vulnerability Response application and its dependent plugins
- For ingesting misconfigurations from Wiz, we need to install the com.snc.vulc plugin
- For ingesting the container vulnerabilities from Wiz, we need to install the com.snc.vulnerability.container plugin.
- Permissions and roles:
- System Admin (admin) for installation, and
- sn_vul_container.configure_integration or sn_vul_int_fw.configure_integration to configure the integration.