Preparing for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Preparing for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute

    This guide helps ServiceNow customers prepare their instance for integrating Palo Alto Networks Prisma Cloud Compute with the Vulnerability Response application. Proper preparation ensures smooth installation, configuration, and data import of container vulnerability information into your ServiceNow AI Platform® instance.

    Show full answer Show less

    Key Preparation Tasks

    • Gather API credentials: Obtain the Prisma Cloud Compute API base URL, username, and password with permissions to monitor container images.
    • Verify Vulnerability Response application: Ensure the Vulnerability Response app (version 16.1 or later) is installed and activated before installing the Prisma Cloud Compute integration.
    • Obtain integration application: Download and get entitlements for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute on your ServiceNow AI Platform® instance.
    • Estimate data volume: Assess the expected number of vulnerable items to import, and confirm your instance size can handle the load to avoid performance issues.
    • Assign appropriate roles and groups:
      • Assign the container vulnerability admin role (snvulcontainer.vulnerabilityadmin) responsible for configuring the integration and managing Container Vulnerability Response (CVR) records.
      • Use or create groups such as Vulnerability Response, Container Remediation Owner, and Vulnerability Analyst to manage remediation and monitoring tasks effectively.
    • Install prerequisite integrations: Install the Vulnerability Response integration with the National Vulnerability Database (NVD) and run the NIST NVD API for CVE data before proceeding.

    Why This Matters

    Following these preparation steps ensures that your ServiceNow instance is correctly configured to receive and manage container vulnerability data from Prisma Cloud Compute. Proper role assignments and system sizing help maintain performance and enable smooth remediation workflows.

    Next Steps

    After completing these setup tasks, you are ready to proceed with configuring the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application to start importing and managing container vulnerabilities.

    You can prepare for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute by performing setup tasks.

    Before you begin

    To install and configure the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application, you may print the following checklist. Verify the items listed are completed before you install the application and import the vulnerability data into your ServiceNow AI Platform® instance.

    Table 1. Integration preparation checklist
    Task Description
    Checkbox image.
    		Verify that you have the following sets of information:
    • API base URL
    • Username and Password.
    These credentials are used to pull the vulnerabilities from the Prisma Cloud Compute integration. For more information, see https://pan.dev/compute/api/
    Note:
    MID Server is optional.
    The user credential used for Prisma Cloud Compute integration needs permission to monitor the images. See the following code: 
    {"permission":"monitorImages","saas":true,"self-hosted":true}
    Checkbox image.
    		If not already installed and activated, install the Vulnerability Response application before you install the third-party application.

    For more information about installing and activating the Vulnerability Response application, see Install Vulnerability Response. This integration requires version 16.1 of Vulnerability Response or later.
    Checkbox image.
    		Get entitlements and download the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application on your ServiceNow AI Platform® instance.
    Checkbox image.
    		Estimate the number of vulnerable items that you expect to import.

    Verify that your instance can accept the number of vulnerable items that you expect to import. An undersized instance can lead to long load times. If you don't know the size of your instance, or if you need assistance, contact ServiceNow Technical Support.
    Checkbox image.
    		Verify that you have the following groups or users to manage the integrations and to remediate the vulnerable items:
    admin
    Install the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application. If not assigned, the admin assigns the container vulnerability admin (sn_vul_container.vulnerability_admin) and other roles.
    sn_vul_container.vulnerability_admin
    Completes the configuration of the Prisma Cloud Compute integration. This role has complete access to the Container Vulnerability Response (CVR) application and its records. This admin configures integrations and rules in Container Vulnerability Response.
    Vulnerability Response Group
    By default, the Vulnerability Response group is available. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all, sn_vul_container.read_all.
    Container Remediation Owner Group
    By default, the Container Remediation Owner group is available. Users assigned to this group inherit the sn_vul_container.remediation_owner. The Container Remediation Owner remediates container vulnerabilities assigned to them or to a group they belong to.
    Vulnerability Analyst
    Users assigned to Container Vulnerability Analyst group inherit sn_vul.vulnerability_analyst. The Vulnerability Analyst monitors remediation of all vulnerable items.

    If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance. For more information, see Create a user group.
    Checkbox image.
    		Install the Vulnerability Response integration with NVD and run the NIST National Vulnerability Database Integration - API (CVE only).

    You are ready to Configure the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application.