Preparing for the Tenable Vulnerability Integration

  • Release version: Yokohama
  • Updated January 30, 2025
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Preparing for the Tenable Vulnerability Integration

    This guide outlines the essential preparatory steps ServiceNow customers must undertake to successfully install and configure the Vulnerability Response Integration with Tenable application on the ServiceNow AI Platform®. Proper preparation ensures smooth data import from Tenable vulnerability products and effective vulnerability management within ServiceNow.

    Show full answer Show less

    Key Preparation Tasks

    • Pre-Installation Planning: Validate your ServiceNow instance’s capacity to handle the expected volume of vulnerable items to avoid performance issues. Contact ServiceNow Technical Support if unsure about instance sizing.
    • Application Requirements: Ensure the Vulnerability Response application (version 12.1 or later) is installed and activated before integrating Tenable. The integration supports Tenable.sc versions 5.13+ and Tenable.cs versions 5.0.1+.
    • User Roles and Permissions: Assign appropriate roles to manage the integration and remediation processes. Key roles include:
      • Admin: Required to download and install the application.
      • Vulnerability Admin (snvul.vulnerabilityadmin): Manages configuration and has full access to Vulnerability Response functions.
      • Tenable Integration Configurator (snvultenable.configureintegration): Configures the Tenable integration.
      • Vulnerability Response Group: Automatically inherits essential read and remediation roles; additional groups can be created as needed.
    • Setup Assistant Usage: Use Setup Assistant for streamlined installation and role assignments to ensure correct configuration of the integration.
    • Performance Optimization: To improve initial import efficiency:
      • Disable vulnerability calculators if not used, as they run on every record creation or update.
      • Disable notification-related business rules temporarily to prevent excessive notifications during import.
    • Dependency Checks: Confirm necessary plugins and features are enabled, notably:
      • IntegrationHub plugin: Required for external API calls and REST protocol support.
      • MID Server: Needed if Tenable.sc and ServiceNow are in separate environments; optional if in the same environment.
    • Credentials and Access: Obtain and verify Tenable product credentials with proper permission levels:
      • Tenable.io: Basic user with permission attribute 16 or higher (no longer requires admin privileges from v3.8).
      • Tenable.sc: Requires Security Analyst or Manager access.

    Next Steps

    After completing these preparatory steps, proceed to install the Vulnerability Response Integration with Tenable application via Setup Assistant. For customers migrating from the Tenable-built integration, refer to the official migration guidelines to ensure proper data cleanup and transition.

    Prepare for the ServiceNow® Tenable Vulnerability integration by performing the following setup tasks.

    Before you begin

    A successful integration requires planning and careful execution of pre-integration tasks. For a smooth installation and configuration of the Vulnerability Response Integration with Tenable application, you may prefer to print the following checklist and verify the items listed are completed before you install the application and import vulnerability data into your ServiceNow AI Platform® instance.

    Note:
    If you have been importing data with the Tenable-built integration, and you want to start using the ServiceNow® Vulnerability Response Integration with Tenable, see the

    For current data cleanup and migration information from the Tenable-built integration to the integration built by ServiceNow, see the Guidelines to migrate from the Tenable Vulnerability Response Integration to the ServiceNow Vulnerability Response Integration with Tenable [KB0960667] article.

    Role required: Admin to download and install the application.

    Task Description

    Checkbox image

    		 (Optional) If not already installed and activated, you may prefer to install the Vulnerability Response application prior to installing the third-party application.

    For more information about installing and activating the Vulnerability Response application, see, Install Vulnerability Response. This integration requires version 12.1 of Vulnerability Response or later.

    Checkbox image

    If you don't already have it on your instance, get entitlements and download the Vulnerability Response Integration with Tenable application to your ServiceNow AI Platform® instance. The Vulnerability Response Integration with Tenable application supports the Tenable.sc product starting with version 5.13 and Tenable.cs product starting with version 5.0.1.

    .

    Checkbox image

    Estimate the number of vulnerable items that you expect to import.

    Verify that your instance can accept the number of vulnerable items you expect to import. An undersized instance can lead to long load times. If you don’t know the size of your instance, or, if you need assistance, contact ServiceNow® Technical Support.

    Checkbox image

    Verify that you have groups or users to manage the integrations and remediate vulnerable items.

    admin
    The system admin uses Setup Assistant to install the Vulnerability Response Integration with Tenable application. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles in Setup Assistant.
    sn_vul.vulnerability_admin
    Once assigned, the vulnerability admin completes the configuration of the Tenable integrations. This role has complete access to the Vulnerability Response (VR) application and its records. Configures all VR applications and rules and configures third-party integrations.
    sn_vul_tenable.configure_integration
    Can configure the Tenable Vulnerability Integration. This role contains the sn_vul_tenable.read_integration granular role.
    sn_vul_tenable.read_integration
    Can view (read) records of the Tenable Vulnerability Integration.
    Vulnerability Response group
    By default, the Vulnerability Response group is available in Setup Assistant. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all and sn_vul.remediation_owner roles automatically.
    sn_vul.access_setup_assistant

    The system admin performs the initial assignment of roles to users and groups in Setup Assistant for the integration. By default, the Vulnerability Response group is available. If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance prior to using Setup Assistant. See Create a user group.

    Persona and granular roles are available to help you manage what users can do and see in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant.

    Checkbox image

    To promote improved performance for your first import, you may prefer to disable certain features, rules, or jobs in your instance.

    • Disable vulnerability calculators if you don’t use them. These calculators, plus any you have defined, run every time a vulnerable item record is created or updated. See Disable vulnerability calculators.
    • During the initial import of records, certain notification-related business rules can cause many notifications to be generated, impacting performance. Prior to your initial import, you may prefer to Disable notification-related business rules as described in Import modifications for the Tenable Vulnerability Integration.

    Checkbox image

    Verify you have enabled any features, rules, dependency plugins, or jobs in your instance required for the integration.

    • Tenable.sc is an on-premises integration that gives you the option to use a MID Server if the Vulnerability Response Integration with Tenable product and your ServiceNow AI Platform instance are in the same environment. If the Tenable.sc product and your ServiceNow AI Platform instance aren’t in the same environment, you’re required to use a MID Server. For more information about MID Servers in your instance, see MID Server.
    • Verify the IntegrationHub plugin is installed and activated. This plugin enables base system components to call external systems using integration APIs and activates protocol steps like REST.

      Navigate to System Applications > All Available Applications > All and locate the plugin. If not installed in your instance, install and activate it.

    Checkbox image

    Obtain Tenable credentials.

    Verify you have any account names, passwords, and other service information required by your Tenable products so that you have access to them.

    Tenable.io requires Administrator access with a permission attribute greater than or equal to 64. Tenable.sc requires Security Analyst or Manager access.

    Note:
    Starting with v3.8 of Vulnerability Response Integration with Tenable, accessing Tenable.io no longer needs administrator privileges. A basic user with a permission attribute equal to 16 can also access the product.

    You’re ready to Install the Vulnerability Response Integration with Tenable application using Setup Assistant.