VR Configuration and Schedule Import

Note:Tenable does not, currently, support Domain Separation in the Tenable for Vulnerability Response application.

This section describes how to configure Tenable for VR.

Note: The Tenable for Vulnerability Response application only supports Tenable.sc versions 5.7 and later.

The VR integration configuration allows ServiceNow to poll and retrieve vulnerability data from Tenable.

Before you begin:

  • In ServiceNow, you must have an account that has the x_tsirm_tio_vr.admin role complete the setup.
  • Configure the Tenable Connector

    Note: You must completely configure and tune Tenable for Assets to correctly match Tenable Assets with ServiceNow CIs. If you do not do this first, you will have issues with VR.

Third Party Vulnerabilities

To view third party vulnerabilities:

  • Navigate to Vulnerability > Libraries > Third Party.

    Vulnerabilities that include TEN- were imported from Tenable.io or Tenable.sc. Click a vulnerability to view the details.

    Note: The bottom of the page includes vulnerability items and lists of CVE information linked during the import.

Configuration Items (Assets from Tenable.io)

To view configuration items:

  • Navigate to Configuration Item Management > Assets Pending Approval.

Vulnerability Items (Linked Vulnerability and Configuration Items)

To view vulnerability items:

  • Navigate to Vulnerabilities > Vulnerable Items.

    Vulnerabilities that include TEN- were imported from Tenable.io and Tenable.sc. Click a vulnerability to view the details.

    Note: If a vulnerability item is closed, the text boxes are disabled. In the Notes section, you can view information about why the item is closed.