Prerequisites

Before you begin, ensure you have completed the following prerequisites.

Jira

Before you create tickets within Jira via Tenable products, you must have the following:

A Jira user with the following permissions:

Important! The user must be part of the Jira admin group and have the app admin role. For more information, see Give Users Admin Permissions in the Atlassian Documentation.

Jira Permission	Purpose in Exposure Response	Custom Context	Atlassian Documentation
"ASSIGNABLE_USER"	User Validation	Ensures the dedicated integration user is a valid assignee within the project, which is often a prerequisite for using "ASSIGN_ISSUES".	Assignable User Permissions
"ASSIGN_ISSUES"	Work Assignment	Allows the integration to assign the newly created ticket to the designated user or group specified in the Initiative configuration.	Assign Issues Permissions
"BROWSE_PROJECTS"	Visibility	Allows the integration to read and confirm the existence of the configured Jira project and its Issue Types.	Browse Projects Permissions
"CREATE_ISSUES"	Ticket Creation	Required to automatically generate new tickets for findings that match the Initiative's criteria (the "combination").	Create Issues Permissions
"EDIT_ISSUES"	Status Synchronization	Enables Tenable to update key fields, push risk data (like VPR), and change the ticket status (e.g., from Resolved to Resurfaced).	Edit Issues Permissions
"LINK_ISSUES"	Audit Trail	Creates the essential link between the Tenable finding and the corresponding Jira ticket, enabling the Ticket Log functionality.	Link Issues Permissions

A Jira project with the following fields enabled for issues:

Important: You must have at least one Jira project for the configuration to function as expected.
- "priority",
- "assignee",
- "labels",
- "summary",
- "description",
- "issuetype",
- "parent",
- "project",
- "reporter" — To use this field, the user must also have the "MODIFY REPORTER" permission enabled.
  
  Tip: In Jira, navigate to Settings > System > Admin Helper > Permission Helper to confirm or provision the permission for the user.

For more information about Jira configuration, see the Tenable for Jira Cloud Integration Guide.

ServiceNow

Before you create incidents via Tenable products, you must have the following:

A ServiceNow administrator user with the following roles:

ServiceNow Permission	Custom Context	ServiceNow Documentation
canvas_user	Primarily associated with accessing and viewing Configurable Workspaces and pages built with UI Builder. This role provides the necessary permissions to render and interact with the visual structure (the "canvas") of the ServiceNow user interfaces.	Document Intelligence Roles
cmdb_inst_admin	Grants administrative rights specifically for configuring and managing CMDB data integration processes.	Exploring SGC Central
connection_admin	A specialized administrative role focused on managing the security and configuration of external system connections.	Create a Connection Administrator

ServiceNow Permission

Custom Context

ServiceNow Documentation

canvas_user

Primarily associated with accessing and viewing Configurable Workspaces and pages built with UI Builder.

This role provides the necessary permissions to render and interact with the visual structure (the "canvas") of the ServiceNow user interfaces.

Document Intelligence Roles

cmdb_inst_admin

Grants administrative rights specifically for configuring and managing CMDB data integration processes.

Exploring SGC Central

connection_admin

A specialized administrative role focused on managing the security and configuration of external system connections.

Create a Connection Administrator

For more information about creating a ServiceNow user, see Create a User in the Tenable for ServiceNow Integration Guide.