Vulnerability Response App for ServiceNow - User Guide
The VMware Carbon Black ServiceNow Vulnerability Response Application ingests vulnerabilities from the VMware Carbon Black Cloud platform. A Vulnerable Item is created from this fetched vulnerability and the configuration item. Vulnerabilities are retrieved from the Carbon Black Cloud platform when the Vulnerability Response app has an active configuration profile.
For the most complete information about endpoints, configuration items in ServiceNow, enable Asset Inventory Ingestion.
Roles and Permissions
For all actions described in this user guide, the
VMware CBC Analyst (x_vmw_cb_connector.analyst) role is required.
Configuration of the application, including of profiles, requires
VMware CBC Admin (x_vmw_cb_connector.admin). Details
on Roles and Users
are on the Configuration page.
Vulnerabilities are created in the National Vulnerabilities Database (NVD) table.
To view vulnerabilities, navigate “Vulnerability Response” > “Libraries” > “NVD”.
Open the Vulnerability record to view the vulnerability information such as ID, Risk rating, Risk Score, Severity and Summary.
Vulnerability Details can also be viewed from the “Vulnerability Details” tab.
Vulnerable items associated with the current vulnerability can be viewed by clicking on the “Vulnerable Items” tab present in the National Vulnerability Database Entries (NVD).
Navigate to “Vulnerability Response” > “Vulnerable Items” > “All” to view created Vulnerable Items.
Open any record in order to view details of the Vulnerable Item.
Click on the information icon of the Vulnerability field to view the Vulnerability associated with the vulnerable item.
Click on the information icon of the Configuration Item field to view the affected asset associated with the vulnerable item.
Configuration Item is displayed.
Navigate to the Vulnerability tab to view details of the vulnerability associated with it.
Navigate to Notes tab to view “NVD Link”. It will be visible in the activities section.
Click on the link to open Vulnerability record.
Domain Separation (Multi-tenancy)
- Use the Domain Separation feature to isolate Carbon Black Cloud data from different organizations and manage access controls.
- You must activate the Domain Support - Domain Extensions Installer plugin to use this feature.
- Use the Domain Separation feature to create child domains and assign users to a specific domain.
- Users can have multiple child domains assigned to a Parent domain.
- Each child domains can have separate Configuration Profiles with different alert records.
Support and Resources
- Download from the ServiceNow App Store:
- Troubleshooting guide
- Release Notes
- Use the Developer Community Forum to discuss issues and get answers from other API developers in the Carbon Black Community.
- Report bugs and change requests to Carbon Black Support.
- View all API and integration offerings on the Developer Network along with reference documentation, video tutorials, and how-to guides.