Remediating Application Vulnerability Response vulnerabilities

  • Release version: Yokohama
  • Updated January 30, 2025
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Remediating Application Vulnerability Response vulnerabilities

    The remediation of Application Vulnerability Response (AVR) vulnerabilities is a manual process that involves monitoring, reviewing, and closing application vulnerable items (AVITs). The process begins by validating rules and remediation targets, followed by prioritizing and addressing AVITs, and ends with closing fixed vulnerabilities. ServiceNow provides tools and dashboards to streamline and enhance this remediation workflow.


    Remediation Process

    • Login and Rule Validation: Access the AVR instance and verify that CI Lookup and Assignment rules for AVITs are functioning correctly. These rules help automatically identify applications and assign AVITs for remediation.
    • Remediation Target Validation: Ensure remediation target rules are accurate, as they govern tracking and status updates of AVITs when imported.
    • Dashboard and Reporting: Use dashboards and reports to monitor AVITs, including aging and status. Activating the Performance Analytics for Vulnerability Response app provides specific dashboards for App-Sec Managers and Security Champions to monitor relevant vulnerabilities.
    • Prioritization and Risk Management: Review AVIT states by priority, update risk scores as needed using the application vulnerability calculator, and reassign AVITs to appropriate remediation groups.
    • Rescanning and Closure: Rescans are triggered by third-party import schedules. AVITs marked as Fixed are automatically closed; otherwise, they are reopened for further action.
    • Veracode Integration: For AVITs sourced from Veracode, users can access detailed HTTP request/response data and solution recommendations directly within the Vulnerability Response workspace for informed remediation.

    Key Outcomes for ServiceNow Customers

    • Improved efficiency in vulnerability remediation through automation of identification, assignment, and tracking of AVITs.
    • Enhanced visibility into vulnerability status and risk via specialized dashboards tailored for security roles.
    • Streamlined remediation workflows supported by integration with Veracode data, enabling actionable insights from scan results and recommendations.
    • Automated closure of vulnerabilities upon successful remediation, reducing manual oversight and ensuring up-to-date vulnerability status.

    Monitoring remediation is a process that begins with reviewing status and ends with closing application vulnerable items (AVITs). Application Vulnerability Response offers tools and procedures to make that process more productive and efficient.

    Application Vulnerability Response remediation process

    Application vulnerable item remediation is done manually.

    An overview of the process:

    Get more details from Veracode

    Select Get More Details on application vulnerable items (AVITs) that have Veracode as the Source on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table or from the list views in the Vulnerability Response Workspaces to view the following Veracode data.

    • HTTP Source request and Source response details for Dynamic Application Security Testing (DAST) scans are displayed on the HTTP Request/Response related list.
    • Solution recommendations from Veracode are displayed on the Findings related list.
    • HTTP Source request, Source response, and recommendations are displayed on the Details tab in the Vulnerability Response workspaces.
    • The Description column is supported on the Application Vulnerable Item [sn_vul_app_vulnerable_item] table.