Mitigation Controls Monitoring release notes

  • Release version: Store
  • Updated June 11, 2026
  • 1 minute to read

    • Version history for the Mitigation Controls Monitoring application on the ServiceNow Store.

    Important:
    For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

    Version history

    Version 4.2.2 - June 2026
    • The following enhancements and changes support internal security directives:
      • Query ACLs added to Mitigation Controls tables to align with ServiceNow Platform Security guidance.
      • Scoped roles added for Mitigation Controls Monitoring on the SPC broker ACLs to enforce least-privilege access.
      • Hardened read-only field security on Mitigation Controls dictionary fields.
    Version 4.2.0 - April 2026
    Fixed: Inconsistent behaviors in multi-tenant environments that resulted in support for only a subset of the application's tables that are included the Domain column. Domain separation is now fully supported in Mitigation Controls Monitoring.
    Version 4.1.4 - December 2025
    Fixed: Choice values for integration_type/sn_sec_int_integration are no longer removed during the installation of Mitigation Controls Monitoring.
    Version 4.0.3 - August 2025
    Changed: The labels on the form view for the mitigation control details record associated with vulnerable item records (VITs) have been improved for more clarity. These updates make the interface more user-friendly by expanding abbreviations on the form view, such as changing "EDR" to "Endpoint Protection."
    Version 4.0.2 - May 2025
    • Fixed:
      • Enhanced handling of VM Server relationships via the CI Relationship [cmdb_rel_ci] table, enabling accurate population of mitigation details for related CIs.
      • Implemented daily refresh of mitigation details in the Asset Insight [sn_vul_cmn_asset_insight] table to ensure current and accurate mapping of mitigation controls for vulnerable items (VITs).
      • Mitigation controls are now more closely aligned with risk scores generated by your configured risk calculators.
    • New: Added support for Amazon Web Services (AWS) Web Application Firewall (WAF) detections to retrieve mitigation details for AWS infrastructure.
    Version 3.0.1 - April 2025

    Fixed:

    • F5 Big-IP integrations timing out with the MID Server.
    Version 3.0.0 - February 2025
    Mitigation controls monitoring automatically identifies how security tools such as endpoint protection (EDR) and web application firewall (WAF) are configured in your environment and what MITRE techniques are mitigated as a result. These mitigations are mapped to vulnerabilities so that your vulnerability managers can automatically reduce risk scores for vulnerable items based on available mitigation controls.