Back to Blogs

New and updated VMware Carbon Black Cloud Apps for ServiceNow

Posted on March 20, 2023

The new Carbon Black Cloud App for ServiceNow Vulnerability Response v1.0.0 is now available and provides integration of vulnerability data from Carbon Black Cloud to create tickets in ServiceNow.

Updated versions of the ServiceNow SecOps App v2.0.0 and ITSM App v2.0.0 are available with new data ingest options and more actions available.

All apps also include integration with the ServiceNow Configuration Management Database (CMDB) to support inventory use cases.

Release Highlights

  • New ServiceNow Vulnerability Response App
  • CMDB Integration across all three apps (ITSM, SecOps, VR) for inventory use cases
  • Additional SOAR actions in the ITSM and SecOps Apps
  • Data Forwarder Alert ingestion Support
  • Support for ServiceNow Versions San Diego and Tokyo

App for Vulnerability Response (VR) v1.0.0

The VMware Carbon Black Cloud for Vulnerability Response app automates ticket creation and tracking to streamline vulnerability management workflows.

By integrating risk-prioritized vulnerability data from the Carbon Black Cloud directly into ServiceNow, security teams can triage vulnerabilities, automatically create tickets, and remediate or patch vulnerabilities leveraging a single console and simplified workflows.

This application delivers full access to endpoint vulnerability context so that analysts can proactively harden their environment against the highest risk vulnerabilities.

Key Features and Benefits:

  • Automated ticket creation in ServiceNow with vulnerability and risk context from Carbon Black Cloud
  • Streamlined management with the ability to open, triage and track vulnerability tickets across multiple teams
  • Integrated into existing ServiceNow and Carbon Black workflows to enable analysts to harden against or patch vulnerabilities using SOAR actions from Carbon Black

ServiceNow CMDB Integration

Integrating Carbon Black Cloud device data into ServiceNow’s CMDB increases visibility into device context to aid security and IT teams during investigations. This integration will help streamline investigations and enable security teams to react to incidents with speed and confidence.

The ServiceNow CMDB integrates seamlessly with other ServiceNow modules and Carbon Black apps, providing consistent device context and visibility from ServiceNow ITSM, SecOps and Vulnerability Response.

Key Features and Benefits:

  • Leverage device metadata collected by Carbon Black within ServiceNow workflows for ITSM, SecOps and Vulnerability Response
  • Increase analysts’ confidence when responding to an alert by providing direct access to device details
  • Improve the efficiency of investigations with direct visibility into device details alongside SOAR actions and security metadata

Updates to the ITSM and SecOps Apps

  • Data Forwarder Support for Alert Ingestion
  • Additional SOAR actions
  • Attach Carbon Black Cloud Assets to Tickets as ServiceNow CMDB Configuration Items
  • Compatibility with ServiceNow San Diego and Tokyo Versions

Data Forwarder Support for Alert Ingestion:

Customers using the Carbon Black Cloud apps for ServiceNow ITSM and SecOps can now leverage the Data Forwarder to stream their Carbon Black Cloud Alert data into ServiceNow from an AWS S3 Bucket. This method allows for improved scalability and reliability when ingesting higher volumes of Alerts into ServiceNow.


For more information, check out the resources below:

Have questions or feedback?