Container Vulnerability Response dashboard

  • Release version: Xanadu
  • Updated August 1, 2024
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Container Vulnerability Response dashboard

    The Container Vulnerability Response dashboard is a prepackaged Analytics and Reporting Solution within the ServiceNow AI Platform designed to track and manage container vulnerabilities throughout their lifecycle—from detection to remediation or containment. It enables ServiceNow customers to monitor vulnerability metrics such as volume, risk ratings, exploit status, and remediation progress, helping prioritize and address security risks in containerized environments effectively.

    Show full answer Show less

    Key Features

    • Role-based access: Requires ServiceNow AI Platform administrator to install and configure, and Performance Analytics administrator to manage indicators, data collection, and dashboard sharing.
    • Dashboard access: Available via the classic UI under All > Container Vulnerability Response > Overview and in the Next Experience UI (version 2.2 and later) through the Vulnerability Manager Workspace. New users access dashboards primarily through workspaces.
    • Dashboard tabs:
      • Overview tab: Displays the overall container vulnerability status.
      • Services tab: Shows container vulnerabilities impacting application services.
      • Service Owners tab: Highlights vulnerabilities affecting service owners.
    • Filtering and breakdowns: Reports can be filtered by assignment group, exploit presence, risk rating, and vulnerability state. Breakdowns include exploit status, attack vector, skill level, remediation target, risk rating, and assignment group.
    • Data visualizations: Various visual formats are provided including single score metrics (e.g., total container vulnerabilities, mean time to remediate), bar charts (e.g., vulnerabilities by risk rating and age), and lists (e.g., critical and high-risk vulnerabilities, overdue items grouped by service or service owner).

    Key Outcomes

    By using this dashboard, ServiceNow customers can:

    • Gain comprehensive visibility into container vulnerabilities and their impact on services and owners.
    • Track remediation performance with metrics like mean time to remediate and percentage meeting remediation targets.
    • Identify and prioritize critical and high-risk vulnerabilities, including those overdue for remediation, to reduce security exposure in container environments.
    • Effectively assign and manage vulnerability remediation efforts through detailed breakdowns and filters, supporting informed decision-making and improved security posture.

    Analytics and Reporting Solutions contain prepackaged Performance Analytics and Reporting content for use with other ServiceNow AI Platform products. This Platform Analytics Solution permits you to track the volume, performance, and progress of vulnerabilities from initial analysis and detection to containment, or remediation. You can filter reports by assignment group, exploits, risk rating, or state.

    Required ServiceNow AI Platform roles

    • ServiceNow AI Platform administrator (admin): Install and activate this Analytics and Reporting Solution and make any necessary changes to system properties.
    • Performance Analytics administrator (pa_admin): Review the indicators, breakdowns, widgets, and dashboards. Set up and start data collection. Share the dashboards with appropriate stakeholders.

    Access the Container Vulnerability Response dashboard

    To open the dashboard, navigate to All > Container Vulnerability Response > Overview.

    Important:
    Starting with version 2.2 of Container Vulnerability Response, this dashboard can also be viewed in the Next Experience UI. To view the dashboard in the new UI, navigate to Workspaces > Vulnerability Manager Workspace and select the Dashboards icon. Depending on your role, the default dashboard is displayed. To view other dashboards, select the drop-down next to the dashboard name. For more information, see Dashboards in the Vulnerability Manager Workspace and Dashboards in the IT Remediation Workspace.
    Note:
    • If you’re a new user, you can view the dashboards only from the workspaces.
    • If you are on Tokyo, you can view the dashboards in the Next Experience UI but with some functional loss.

    Container Vulnerability Management tabs

    This dashboard lets you see the vulnerabilities that are present in containers. You can view the vulnerabilities and their related data by region, age, services, and other breakdowns.

    The Overview tab provides the overall status of Container Vulnerability Management in the system.Container Vulnerability Management - Overview tab

    The Services tab shows Container vulnerable items impacting application services.Container Vulnerability Management - Services tab Container Vulnerability Management - Services tab

    The Service Owners tab shows Container vulnerable items impacting service owners.Container Vulnerability Management - Service Owners tab Container Vulnerability Management - Service Owners tab

    Breakdowns

    • Exploit Exists
    • Exploit Attack Vector
    • Exploit Skill Level
    • Remediation Target Status
    • Risk Rating
    • State
    • Assignment Group

    Data visualizations

    Name Type Description

    Container Vulnerabilities

    Single scoreSingle score

    Number of container vulnerabilities associated with one or more active container vulnerable items.
    Vulnerable Items (VIs) Single scoreSingle score Number of active (non-closed) container vulnerable items.
    Vulnerable Docker Images Single scoreSingle score Number of docker images associated with active container vulnerable items.
    VI Mean Time To Remediate (MTTR) Single scoreSingle score The mean time to remediate (close) a vulnerable item, displayed as a 30-day running average.

    Vulnerable Items Met Remediation Target

    		 Single scoreSingle score Percentage of closed container vulnerable items that have met their remediation target dates in the current and previous quarters. Remediation targets are calculated from the Last Opened date plus the number of days.

    Vulnerable Items by Risk Rating

    		 BarBar Number of active container vulnerable items grouped by risk rating over the selected time span.

    Vulnerable Items by Age

    		 BarBar Number of active container vulnerable items grouped by risk rating and age (in days).

    Critical Container Vulnerable Items

    		 List and LineBar Number of active container vulnerable items with a critical risk rating, grouped by service.

    Overdue Critical Container Vulnerable Items

    		 List and LineList Line Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service.

    High Container Vulnerable Items

    		 List and LineList Line Number of active container vulnerable items with a high risk-rating, grouped by service.

    Overdue High Container Vulnerable Items

    		 List and LineList Line Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service.

    Critical Container Vulnerable Items

    		 List and LineList Line Number of active container vulnerable items with a critical risk rating, grouped by service owner.

    Overdue Critical Container Vulnerable Items

    		 List and LineList Line Number of active container vulnerable items with a critical risk rating and past their remediation target dates, grouped by service owner.

    High Container Vulnerable Items

    		 List and LineList Line Number of active container vulnerable items with a high risk-rating, grouped by service owner.

    Overdue High Container Vulnerable Items

    		 List and LineList Line Number of active vulnerable items with a high risk-rating and past their remediation target dates, grouped by service owner.