Streamline Your Vulnerability Remediation Workflow
Integration Benefits
- Streamline workflows with IT by utilizing the native ticketing solution leveraged by your IT operations team
- Automatically generate tickets within ServiceNow ITSM after a Rapid7 InsightVM scan is completed
- Create customizable tickets that can be opened by specific severity thresholds, sites, or asset groups
- Customize tickets with the level of detail appropriate for specific audiences and contexts
- Leverage closed-loop integration to mark vulnerabilities as “awaiting verification,” until InsightVM validates the fix
- Configure and deploy the integration with ease
Solution Overview
Being proactive about security means more than just conducting frequent security assessments of your enterprise assets. The key to securing your organization comprehensively is mitigating the risk of vulnerabilities with proper remediation steps. But it’s a bit harder than it sounds: Security teams can have challenges communicating with their IT counterparts, who are responsible for actually applying remediation steps.
Integrating Rapid7 InsightVM with ServiceNow ITSM seamlessly folds remediation instructions into IT’s existing workflows by automatically opening tickets when new vulnerabilities are discovered, and closing tickets when those vulns are fixed. But it doesn’t stop there: Additionally, you can assign tickets to the correct teams, customize the level of detail included, report when they’re closed, and double-check they’ve been successfully remediated with subsequent scans. In short, track progress in real time, rather than wait to see if issues have been fixed in the next scan.
Figure 1: Configuring ServiceNow tickets within InsightVM
Figure 2: Viewing remediation instructions and progress within ServiceNow
How It Works
InsightVM conducts a scan to assess the risk posture of the systems within your organization. The vulnerability data is then processed for each host. Next, at periodic intervals, the ServiceNow ITSM connector queries InsightVM for the latest vulnerabilities; remediation tickets are either created or closed accordingly. In the case of the former, a ServiceNow ITSM Administrator can then assign the tickets to the proper teams for remediation.
