0
3.0.1
Zurich Patch 4, Zurich Patch 2, Zurich Patch 1, Zurich, Yokohama Patch 8, Yokohama Patch 6, Yokohama Patch 3, Xanadu Patch 9
Empower your vulnerability managers and analysts with AI agents in the Now Assist with Vulnerability Response application to revolutionize how they monitor and remediate your most critical vulnerabilities.
Use generative AI to help you:
- Create custom API connectors in the Security Posture Control workspace with the Connector builder framework module.
- Generate insights to prioritize findings. Prioritize critical risks and help accelerate remediation with contextual summaries, actionable recommendations, and quick links in the Security Exposure Management (SEM) workspace.
- Approve or reject requests directly from Exception Change Approval records in the Security Exposure Management (SEM) workspace with on-demand approval impact analysis.
- Identify and close duplicate host vulnerable items.
- Identify duplicates for your active host vulnerable items (VITs) that are imported by your vulnerability scanners.
- Filter potential duplicate VITs with deduplication jobs that you create.
- Identify duplicates by comparing primary and duplicate VITs on a single page in the workspace.
- Automatically move associated detections from duplicate VITs to the primary VIT records when you close the duplicates.
- Remediate vulnerabilities.
- Analysts can view potential, preferred remediation options that are imported from integrated third-party vulnerability solution products or internal solution management systems.
- Evaluate each option against the specific configuration item context, for example, the OS or software versions.
- Get recommendations for the most viable fix for implementation.
- Assess vulnerability exposure with an agentic workflow.
- Vulnerability analysts and managers can evaluate your organization's exposure to known vulnerabilities with the Assess vulnerability exposure agentic workflow.
- Evaluate exposure to CISA Vulnerabilities. Identify the most recent vulnerabilities listed by the Cybersecurity and Infrastructure Security Agency (CISA) within your environment and assess their potential impact on your Configuration Items (CIs) and business services.
- Identify Affected Assets. Discover assets affected by Common Vulnerabilities and Exposures (CVEs).
- Track Active Vulnerabilities. Determine the number of active Vulnerability Items (VITs) linked to specific CVEs.
- Monitor Remediation Efforts. Create watch topics to track the remediation of identified VITs.
- Analyze Vulnerability Remediation Status with an agentic workflow.
- Vulnerability managers can monitor and assess remediation target compliance with the Analyze vulnerability remediation status agentic workflow.
- Track SLA Compliance. Understand how effectively your organization is meeting remediation goals for vulnerabilities based on Service Level Agreements (SLAs).
- Analyze Missed SLAs by Severity, Assignment Group, and CI Class. Pinpoint gaps in remediation by categorizing overdue VITs based on severity, assignment groups, and CI classes to facilitate targeted interventions and smarter resource allocation.
- New
- Create a custom API connector in the Security Posture Control workspace with the Connector builder framework module. You have the option to use generative AI to help your developers create custom API connectors quickly with a Now Assist skill (SPC Setup Connector) that is included with the Now Assist for Vulnerability Response application.
- Automate the steps for selecting API templates, populating request and header parameters, and response field mapping with generative AI.
- Use your custom API connector to integrate with security tools and import asset data that is based on the unique requirements of your environment and monitor your overall security posture with the API connectors that you build.
- Generate insights to prioritize findings in the Security Exposure Management (SEM) workspace.
- Use generative AI to provide contextual summaries, actionable recommendations, and quick links in the Security Exposure Management (SEM) workspace, helping you prioritize critical risks and accelerate remediation.
- Generate recommendations for approval impact analysis in the SEM workspace.
- Use generative AI to provide on-demand recommendations to approve or reject a request directly from the Exception Change Approval record, enabling approvers to make faster, more consistent decisions while reducing manual analysis effort.
- Create a custom API connector in the Security Posture Control workspace with the Connector builder framework module. You have the option to use generative AI to help your developers create custom API connectors quickly with a Now Assist skill (SPC Setup Connector) that is included with the Now Assist for Vulnerability Response application.
Required plugins and products:
- Now Assist for Platform v10.0.3
- Vulnerability Response v26.4.4
- Vulnerability Response Integration with CISA v1.5.1
- Vulnerability Solution Management v10.4.3
Note: If you want to use the SPC Setup Connector skill, you must install the Security Posture Control API Connectors application v2.0 to view and use the API connector framework the Security Posture Control workspace. The Security Posture Control API Connectors application that supports the skill is not automatically installed with Now Assist for Vulnerability Response. The Security Posture Control API Connectors and Security Posture Core applications are available in the ServiceNow Store.