Preparing for installing the Vulnerability Response Integration with Palo Alto Prisma Cloud

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Preparing for installing the Vulnerability Response Integration with Palo Alto Prisma Cloud

    This guide helps ServiceNow customers prepare for installing the Vulnerability Response Integration with Palo Alto Prisma Cloud. It outlines the necessary setup tasks and prerequisites to ensure a successful integration, enabling the seamless import and management of Prisma Cloud vulnerability alerts within the ServiceNow AI Platform®.

    Show full answer Show less

    Key Preparation Steps

    • Prisma Cloud Permissions: Ensure you have a Prisma Cloud permission group that provides read-only access to Policy and Alerts data. This is essential for the integration to read vulnerability alerts.
    • Access Keys: Create access keys (Access key ID and Secret key) in Prisma Cloud to authorize alert data retrieval by ServiceNow.
    • Credentials: Collect the API base URL, Access key ID, Secret key, and Prisma Cloud username and password. These credentials enable the connection between ServiceNow and Prisma Cloud.
    • Application Installations:
      • Install and activate the Vulnerability Response application version 15.2.0 or later, which is required before installing the integration application.
      • Obtain entitlements and download the Vulnerability Response Integration with Palo Alto Prisma Cloud application to the ServiceNow AI Platform® instance.
    • Required Plugins: Install core plugins such as Vulnerability Response, Configuration Compliance, and the integration plugin itself. Optional plugins like Cloud Provisioning and Governance, Discovery, and Service Mapping Patterns can enhance functionality.
    • Capacity Planning: Estimate the volume of test results to be imported to ensure your ServiceNow instance can handle the data without performance degradation. Contact ServiceNow Technical Support if assistance is needed.
    • Administrator Roles: Assign an administrator to manage the integration and remediation processes. This includes installing the integration and assigning the vulnerability admin role (snvul.vulnerabilityadmin) and any other necessary roles.

    Next Steps

    Once these preparatory tasks are complete, you are ready to proceed with the installation and configuration of the Vulnerability Response Integration with Palo Alto Prisma Cloud application. This setup ensures you can effectively ingest and manage vulnerability data from Prisma Cloud within ServiceNow.

    Prepare for installing the Vulnerability Response Integration with Palo Alto Prisma Cloud by performing setup tasks.

    Before you begin

    To integrate Vulnerability Response with Palo Alto Prisma Cloud, you must be assigned a permission group in Prisma that provides read-only access to Policy and Alerts data. You can find more information on permission groups at Prisma Cloud Administrator Roles.

    For detailed information on the roles assigned to different permission groups, refer to the page Prisma Cloud Administrator Permissions.

    In addition, access keys must be created to enable reading the alerts. For more information on creating access keys, see Create and Manage Access Keys.

    To install and configure the Vulnerability Response Integration with Palo Alto Prisma Cloud, use the following checklist. Before you install the application, verify that the items listed are completed.

    Table 1. Integration preparation checklist
    Task Description
    Checkbox image.
    		Verify that you have the following sets of information:
    • API base URL
    • Access key ID
    • Secret key
    • Username and Password for accessing Prisma Cloud.

    These credentials are used to connect to the Prisma Cloud instance from the ServiceNow AI Platform® instance. The access key ID and secret key must be generated from the Prisma Cloud portal after registration.
    Checkbox image.
    		If not already installed and activated, install the Vulnerability Response application before you install the Vulnerability Response Integration with Palo Alto Prisma Cloud application.

    For more information about installing and activating the Vulnerability Response application, see Install Vulnerability Response. This integration requires version 15.2.0 of Vulnerability Response or later.
    Checkbox image.

    If you don't already have the application on your instance, get entitlements and download the Vulnerability Response Integration with Palo Alto Prisma Cloud application to your ServiceNow AI Platform® instance.

    See .
    Checkbox image.
    Ensure you have installed the following plugins for a smooth integration run:
    • Vulnerability Response
    • Configuration Compliance
    • Vulnerability Response Integration with Palo Alto Prisma Cloud
    The following plugins are optional but can be useful:
    • Cloud Provisioning and Governance
    • Discovery and Service Mapping Patterns
    Checkbox image.

    Estimate the number of test results that you expect to import.

    Verify that your instance can accept the number of test results that you expect to import. An undersized instance can lead to long load times. If you don't know the size of your instance, or if you need assistance, contact ServiceNow Technical Support.
    Checkbox image.
    		Verify that you have an administrator to manage the integrations and to remediate the test results:

    The admin installs the Vulnerability Response Integration with Palo Alto Prisma Cloud application. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles.

    You are ready to Install and configure the Vulnerability Response Integration with Palo Alto Prisma Cloud application.