servicenow vulnerability response helps you view and respond to all vulnerabilities across all it assets from a single pane of glass including infrastructure configuration and now application vulnerabilities in this demonstration we'll take on the role of carla jackson a vulnerability analyst when carla starts her day she logs into her servicenow instance to view her dashboards now it's worth noting that these dashboards are part of vulnerability response and are activated when application vulnerability response is enabled each one of the tabs on the dashboard represents information carla can use to help guide her decisions and work the security posture tab provides a holistic view into the application vulnerabilities that exist in the environment including trend lines for the active vulnerabilities unassigned vulnerabilities severity distribution in the environment and more the remediation trend tab shows carla how effective the remediation processes are going and the scoreboard shows how well the various applications are handling their critical vulnerabilities now notice that the zero online banking application has seen a recent increase in vulnerabilities next let's take a look at the imported data from the application vulnerability scanner let's go ahead and filter and note that there are many critical vulnerabilities found in the last vera code dashed scan let's click on this finding now servicenow displays important contextual data from the scanner like the location and finding detail including a link back to the original source tool servicenow also performs automated calculations to determine risk scoring assignment group remediation target and more based on configurable rules that we'll look at later these calculations can take full advantage of other servicenow data like cndb and business service information each imported finding is tracked against an application release the application release is in turn tracked against the related scan application this allows customers to roll up and report on vulnerabilities based on application and release version the scanned application can be mapped to its related services in the cmdb providing information about the service context to be used by servicenow calculators and rules for instance here we can see that the application in question is used by the rewards processing service after seeing the data that we've imported from the scanner let's talk about how we can configure various rules to prioritize and assign the work that needs to be performed this is where we use a lot of the same common features as vulnerability response to make work happen servicenow also performs automated calculations to determine risk score risk rating assignment group and remediation target based on configurable rules as i mentioned earlier these calculations can take full advantage of other servicenow data like cmdb and business services information our first configuration is assignment rules these rules will set the assignment of the application vulnerable items data type when it is imported from the scanner you can use the condition builder to customize how vulnerable items are automatically assigned when they are imported you can assign them by user group the user group field in a configuration item itself or via scripting for more complex assignments in our case vulnerabilities are automatically assigned to the support group from the scanned application configuration item in this case it's team angels our next configuration will be the remediation target rules these rules will populate remediation target dates according to your internal policies and allows you to notify stakeholders as the remediation target approaches in our case the application vulnerable item has been given the shortest remediation time frame of 15 days because the risk rating is one now if an internal policy changes the remediation target can be reduced and automatically recalculated for all applicable vulnerable items you'll note in the remediation target rule we have a target of 15 days but will notify after seven and this is due to the condition that the risk rating is critical these can be fully customized for the various risk ratings next let's discuss vulnerability calculators these rules can be used to calculate various fields of the application vulnerable item particularly the risk score these calculations can be used to prioritize when work is performed i can change the weights to change the overall risk ratings for imported vulnerable items so we can see the weighting that we are basing the risk scores on here and i can change these to so long as they equal 100 so i can drop the vulnerability severity to say 70 and then increase the waiting for o wasp and sans that will then change the risk score examples down below so you'll have a real-time view of how the different weighting will affect the overall risk scores across the environment these calculations can be used to prioritize when work is performed i can change these weights to change the overall risk rating for imported vulnerable items and see examples of how those weighting changes will affect the risk rating for vulnerable items our last configuration will be normalized severity maps this is used to normalize the severity field on the vulnerable item when it's imported this is important when importing vulnerabilities from different sources so we can normalize their severity values with ours the last thing i'll show you is the integration configuration where the veracode vulnerability integration is set up in this module the customer can populate their api id and api key to set up the integration quickly and easily now the api id can be retrieved from the veracode api credentials by copying the id value the api key can be retrieved from the varicode api credentials by copying the secret key value and finally you can test the credentials ad hoc using this button servicenow continues to enhance and develop new integrations with our technology partners and this integration can also be used as a gold standard design for customers when they're developing their own integrations with their tool of choice and that was a brief look at application vulnerability response from servicenow if you'd like to learn more please visit us at www.servicenow.com forward slash security operations thank you