Preparing for the Tenable Vulnerability Integration

  • Release version: Xanadu
  • Updated January 30, 2025
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Preparing for the Tenable Vulnerability Integration

    This guide prepares ServiceNow customers for integrating Tenable vulnerability data into their ServiceNow AI Platform® instance using the Vulnerability Response Integration with Tenable application. It outlines essential setup tasks, permissions, and configuration steps to ensure smooth installation and efficient vulnerability data import.

    Show full answer Show less

    Pre-Integration Requirements

    • Vulnerability Response Application: Ensure the Vulnerability Response application version 12.1 or later is installed and activated before installing the Tenable integration.
    • Tenable Product Compatibility: The integration supports Tenable.sc starting from version 5.13 and Tenable.cs from version 5.0.1.
    • Instance Capacity: Estimate the number of vulnerable items to import and confirm your instance can handle this volume to avoid performance issues. Contact ServiceNow Technical Support for assistance if needed.
    • User and Group Management: Verify that appropriate groups and users exist to manage integration and remediation tasks.

    Role Assignments and Permissions

    • Admin Role: Required to download, install, and configure the application via Setup Assistant.
    • Vulnerability Admin (snvul.vulnerabilityadmin): Manages all aspects of Vulnerability Response, including third-party integrations.
    • Tenable Integration Roles:
      • snvultenable.configureintegration: Configures the Tenable integration.
      • snvultenable.readintegration: Read-only access to Tenable integration records.
    • Vulnerability Response Group: Provides users with default roles for reading and remediating vulnerabilities; can be customized or supplemented with additional groups as needed.

    Performance and Configuration Recommendations

    • Consider disabling vulnerability calculators during the initial import to improve performance, as they run on every vulnerable item creation or update.
    • Temporarily disable notification-related business rules during initial data import to prevent excessive notifications impacting system performance.
    • Ensure all necessary features, rules, dependency plugins, and jobs are enabled for the integration to function correctly.

    Integration-Specific Considerations

    • MID Server Usage: Required if Tenable.sc and ServiceNow AI Platform are in different environments; optional if in the same environment.
    • IntegrationHub Plugin: Must be installed and activated to enable communication with external systems via APIs and protocols like REST.
    • Tenable Credentials: Obtain valid account credentials:
      • Tenable.io requires Administrator access (permission attribute ≥ 64) or, starting with version 3.8 of the integration, a basic user with permission attribute 16.
      • Tenable.sc requires Security Analyst or Manager access.

    Next Steps

    Once these preparation steps are complete, proceed to install the Vulnerability Response Integration with Tenable application using Setup Assistant to begin importing and managing vulnerability data efficiently within your ServiceNow instance.

    Prepare for the ServiceNow® Tenable Vulnerability integration by performing the following setup tasks.

    Before you begin

    A successful integration requires planning and careful execution of pre-integration tasks. For a smooth installation and configuration of the Vulnerability Response Integration with Tenable application, you may prefer to print the following checklist and verify the items listed are completed before you install the application and import vulnerability data into your ServiceNow AI Platform® instance.

    Note:
    If you have been importing data with the Tenable-built integration, and you want to start using the ServiceNow® Vulnerability Response Integration with Tenable, see the

    For current data cleanup and migration information from the Tenable-built integration to the integration built by ServiceNow, see the Guidelines to migrate from the Tenable Vulnerability Response Integration to the ServiceNow Vulnerability Response Integration with Tenable [KB0960667] article.

    Role required: Admin to download and install the application.

    Task Description

    Checkbox image

    		 (Optional) If not already installed and activated, you may prefer to install the Vulnerability Response application prior to installing the third-party application.

    For more information about installing and activating the Vulnerability Response application, see, Install Vulnerability Response. This integration requires version 12.1 of Vulnerability Response or later.

    Checkbox image

    If you don't already have it on your instance, get entitlements and download the Vulnerability Response Integration with Tenable application to your ServiceNow AI Platform® instance. The Vulnerability Response Integration with Tenable application supports the Tenable.sc product starting with version 5.13 and Tenable.cs product starting with version 5.0.1.

    .

    Checkbox image

    Estimate the number of vulnerable items that you expect to import.

    Verify that your instance can accept the number of vulnerable items you expect to import. An undersized instance can lead to long load times. If you don’t know the size of your instance, or, if you need assistance, contact ServiceNow® Technical Support.

    Checkbox image

    Verify that you have groups or users to manage the integrations and remediate vulnerable items.

    admin
    The system admin uses Setup Assistant to install the Vulnerability Response Integration with Tenable application. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles in Setup Assistant.
    sn_vul.vulnerability_admin
    Once assigned, the vulnerability admin completes the configuration of the Tenable integrations. This role has complete access to the Vulnerability Response (VR) application and its records. Configures all VR applications and rules and configures third-party integrations.
    sn_vul_tenable.configure_integration
    Can configure the Tenable Vulnerability Integration. This role contains the sn_vul_tenable.read_integration granular role.
    sn_vul_tenable.read_integration
    Can view (read) records of the Tenable Vulnerability Integration.
    Vulnerability Response group
    By default, the Vulnerability Response group is available in Setup Assistant. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all and sn_vul.remediation_owner roles automatically.

    The system admin performs the initial assignment of roles to users and groups in Setup Assistant for the integration. By default, the Vulnerability Response group is available. If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance prior to using Setup Assistant. See Create a user group.

    Persona and granular roles are available to help you manage what users can do and see in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant.

    Checkbox image

    To promote improved performance for your first import, you may prefer to disable certain features, rules, or jobs in your instance.

    • Disable vulnerability calculators if you don’t use them. These calculators, plus any you have defined, run every time a vulnerable item record is created or updated. See Disable vulnerability calculators.
    • During the initial import of records, certain notification-related business rules can cause many notifications to be generated, impacting performance. Prior to your initial import, you may prefer to Disable notification-related business rules as described in Import modifications for the Tenable Vulnerability Integration.

    Checkbox image

    Verify you have enabled any features, rules, dependency plugins, or jobs in your instance required for the integration.

    • Tenable.sc is an on-premises integration that gives you the option to use a MID Server if the Vulnerability Response Integration with Tenable product and your ServiceNow AI Platform instance are in the same environment. If the Tenable.sc product and your ServiceNow AI Platform instance aren’t in the same environment, you’re required to use a MID Server. For more information about MID Servers in your instance, see MID Server.
    • Verify the IntegrationHub plugin is installed and activated. This plugin enables base system components to call external systems using integration APIs and activates protocol steps like REST.

      Navigate to System Applications > All Available Applications > All and locate the plugin. If not installed in your instance, install and activate it.

    Checkbox image

    Obtain Tenable credentials.

    Verify you have any account names, passwords, and other service information required by your Tenable products so that you have access to them.

    Tenable.io requires Administrator access with a permission attribute greater than or equal to 64. Tenable.sc requires Security Analyst or Manager access.

    Note:
    Starting with v3.8 of Vulnerability Response Integration with Tenable, accessing Tenable.io no longer needs administrator privileges. A basic user with a permission attribute equal to 16 can also access the product.

    You’re ready to Install the Vulnerability Response Integration with Tenable application using Setup Assistant.