Install and configure the Performance Analytics for Vulnerability Response [PA] application

  • Release version: Australia
  • Updated April 28, 2026
  • 5 minutes to read

    • Before you can use the Performance Analytics for Vulnerability Response application, you must get entitlement and download the application from the ServiceNow Store, install it on your ServiceNow AI Platform® instance, and complete a few installation and configuration steps. The PA application is not installed as part of the Vulnerability Response application. It is available as a separate subscription.

    Before you begin

    If you already have the application on your instance and you're updating to a newer version of the application, proceed to step 8 in the following steps to continue with the update and configuration.

    For a fresh installation, complete the following setup checklist prior to installation. These setup tasks are required for a smooth installation and configuration.

    To verify that plugins and applications are installed and activated, navigate to All > Subscription Management > Subscriptions in your instance. The list displays the subscriptions your organization has purchased.

    Note:
    This process applies only to applications that are downloaded to production instances. If you're downloading applications to non-production or development instances, it's not necessary to get entitlements. Proceed to Activate a ServiceNow Store application.
    Setup tasks Description
    Verify that the Vulnerability Response dependencies plugin (com.snc.vul_dep) is installed and activated.
    Vulnerability Response Dependencies
    This plugin contains all the dependency plugins required to support the application.

    To verify that the plugin is installed and activated, in your instance you want the application navigate to System Applications > All Available Applications > All.

    If you're prompted to update other dependency plugins, select the links in the dialogs and follow the prompts to continue.
    Verify that the ServiceNow Vulnerability Response application (sn_vul) is installed and activated.
    Vulnerability Response

    To verify that the plugin is installed and activated, in your instance you want the application navigate to System Applications > All Available Applications > All.

    If you're prompted to update other dependency plugins, select the links in the dialogs and follow the prompts to continue.

    Activation of this plugin on production instances may require a separate license. Contact ServiceNow for details.
    Verify that you have the required ServiceNow roles for your instance. The following roles are required for installation, configuration, and verification of expected results:
    • The Performance Analytics Admin [pa_admin] or the system [admin] installs the application and verifies the expected results.
    • The Vulnerability Admin [sn_vul.vulnerability_admin or sn_vul.admin (deprecated)] oversees configuration and verifies expected results with the PA dashboards.
    • The Remediation Owner [sn_vul.remediation_owner] oversees change management tasks and reads and updates assigned records. The sn_vul.remediation_owner role is also automatically assigned when any user is assigned the itil role.
    Verify the Performance Analytics and Vulnerability Response applications are compatible.

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Role required: admin or pa_admin

    Procedure

    1. To download the Performance Analytics for Vulnerability Response application, navigate to the ServiceNow Store.
    2. In the upper right of the page, select Log In.
    3. In the search bar, type Performance Analytics for Vulnerability Response.
    4. Under Apps and Solutions, locate and select the Performance Analytics for Vulnerability Response tile.
      Note:

      In the ServiceNow Store, you must verify that you have entitlements (or licenses) to the application and its dependent applications. After you have logged in, you can use the menu in the upper right with your initials to manage entitlements and opt-in.

      If you want to use a version of this application that is compatible with Unified Security Exposure Management (USEM), see Migrating from Vulnerability Response to Unified Security Exposure Management (USEM) for more information about USEM and the Unified Security Exposure Management migration.

      If you do not intend to upgrade to Unified Security Exposure Management, install a version that is lower than v30.x of this application and for upgrades to its supported third-party integration applications.

    5. Select Request Install.
    6. Log in to the ServiceNow AI Platform instance where you want to install the Performance Analytics for Vulnerability Response application.
    7. Navigate to All > System Applications > All Available Applications > All.
    8. From the applications listed, locate the Performance Analytics for Vulnerability Response [sn_vul_analytics] application, select a version from the list, and select Install.
      The Application installation dialog is displayed. Any dependencies that are installed are displayed.
    9. After installation is successfully completed, select Close.
    10. Optional: If you anticipate a large number of active vulnerable items in your environment, you may prefer to change the default setting for the maximum number of collected records, enable scheduled jobs, and set collection times during off-hours.
      To change these and other settings for the application after it is installed, follow these steps.
      1. Navigate to All > Performance Analytics > Admin console.
      2. On the Advanced Configuration tile, select the Performance Analytics Properties link.
      3. On the Admin Console [Performance Analytics] page, scroll to the Performance Analytics Data Collector section.
        The default setting (50,000 records) is displayed for the Maximum number of rows that are allowed to be fetched from an Indicator Source.
        Performance Analytics data collection default setting for collected records.
      4. You may prefer to increase this number to a value that is roughly 20% more than the total number of active vulnerable items (VIs) you anticipate in your environment.
      5. Select Save.
      6. To activate scheduled jobs, navigate to All > Performance analytics > Data Collector > Jobs.
        The Scheduled Data Collection list is displayed. In the Active column, the scheduled jobs listed in the Application column for Performance Analytics - Content Pack - Vulnerability Response by default are inactive (false).
        Note:
        A scheduled job for historical data collection is not displayed on the list of jobs. For large sets of data, you may prefer to start collecting data and trends over time by enabling your daily jobs when you're setting up the Performance Analytics for Vulnerability Response application.
      7. In the Name column, select a link to open a [PA VR] job record.
      8. If fields are not editable, select the here link to change the scope so you can edit them.
      9. In the Job parameters section, select the Active check box to schedule a job.
        The Time fields are configurable.
        Time fields for a scheduled job that are displayed after selecting the Active check box. These fields include Run, Collect, and Time.
      10. Enter the start time for the job.
        If you anticipate a large volume, you may prefer to set collection times during off-hours. If you anticipate 10 million active VITs or greater in your environment, contact your ServiceNow® implementation partner for more information on setting up your data collection environment.

        For more information about the indicators used for data collection, see View the Performance Analytics indicators for Vulnerability Response [PA].

      11. After you have enabled all the jobs you want, select Update.
        The Scheduled Data Collection list is displayed. For more information, see Performance Analytics properties.

    What to do next

    Navigate to All > Vulnerability Response > Overview to view the dashboard.