ServiceNow Vulnerability Response: A Closer look at Automated Rescan with Qualys
Updated: Apr 21, 2020
Your security team can save time by automating manual processes within ServiceNow. Power-up ServiceNow’s vulnerability response capabilities by integrating Qualys or your other vulnerability scanners.
Vulnerability Rescan (or Closed Loop Validation)
ServiceNow leverages integrations with vulnerability response scanners such as Qualys, Repid7, and Tenable to validate the remediation of found vulnerabilities that have been marked as resolved in ServiceNow. This automation assures that vulnerabilities are tracked until they are no longer present and provides swift feedback to remediation teams when patching activities fail, assuring quick resolution.
The Rescan Process
Once a vulnerable item or group is identified as being resolved, the system automatically creates a scan request to the source vulnerability scanner (Qualys for the purposes of this post) to scan the identified asset. Once the scan is complete, the results are returned to ServiceNow and the vulnerability is updated:
If the scanner found the vulnerability to be resolved, the vulnerable item or vulnerable group is transitioned automatically by ServiceNow to the closed state.
If it is unresolved, it is moved back to the open state.
The Rescan is triggered, when the vulnerable item or vulnerable group is placed into the resolved state, the state lifecycle can be seen below.
Using ServiceNow as the command center for Vulnerability Response and Qualys as the example vulnerability scanner, this video brings the process of rescanning to life.
Need Help with Vulnerability Response?
No matter where you are on your maturity journey, Cerna Solutions has you covered when it comes to handling vulnerabilities on the ServiceNow platform. Recognized as a ServiceNow "Elite" partner, we are a team of 100% US-based ServiceNow professionals who specialize in ServiceNow Vulnerability Response. Our approach to Security Operations has earned us a repeat customer rate of 91%, and a customer satisfaction score of 9.7/10. Learn more about our ServiceNow Security Operations offerings, or contact us for more information.