Preparing for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute

Release version: Yokohama

Updated January 30, 2025

2 minutes to read

Summarize

Summarized using AI

Summary of Preparing for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute

This guide helps ServiceNow customers prepare for integrating Palo Alto Networks Prisma Cloud Compute with the Vulnerability Response application. It outlines essential setup tasks to ensure a smooth installation and import of vulnerability data into your ServiceNow AI Platform® instance.

Show full answer Show less

Preparation Checklist and Requirements

Credentials and Access: Obtain the API base URL, username, and password for Prisma Cloud Compute. The user credential must have monitorImages permission to access container image vulnerabilities.
Application Prerequisites: Ensure the Vulnerability Response application (version 16.1 or later) is installed and activated before installing the Prisma Cloud Compute integration.
License and Download: Acquire entitlements and download the integration application from your ServiceNow AI Platform® instance.
Capacity Planning: Estimate and verify the number of vulnerable items expected to import. Confirm your instance can handle the volume to avoid performance issues; contact ServiceNow Technical Support if unsure.
User Roles and Groups: Ensure appropriate groups and users exist to manage the integration and remediation:
- Admin: Assign the snvulcontainer.vulnerabilityadmin role for full access to Container Vulnerability Response configurations.
- Vulnerability Response Group: Default group with read access to vulnerabilities.
- Container Remediation Owner Group: Default group for users responsible for remediating assigned container vulnerabilities.
- Vulnerability Analyst Group: Users monitoring remediation progress.
Additional groups can be created using the User Administration module if needed.
Initial Integration Setup: Install the Vulnerability Response integration with the National Vulnerability Database (NVD) and run the NIST National Vulnerability Database Integration - API for CVE data before proceeding.

Next Steps

After completing these preparations, you are ready to configure the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application in your ServiceNow instance.

You can prepare for the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute by performing setup tasks.

Before you begin

To install and configure the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application, you may print the following checklist. Verify the items listed are completed before you install the application and import the vulnerability data into your ServiceNow AI Platform® instance.

Table 1. Integration preparation checklist
Task	Description
	Verify that you have the following sets of information: API base URL Username and Password. These credentials are used to pull the vulnerabilities from the Prisma Cloud Compute integration. For more information, see https://pan.dev/compute/api/ Note: Mid Server is optional. The user credential used for Prisma Cloud Compute integration needs permission to monitor the images. See the following code: `{"permission":"monitorImages","saas":true,"self-hosted":true}`
	If not already installed and activated, install the Vulnerability Response application before you install the third-party application. For more information about installing and activating the Vulnerability Response application, see Install Vulnerability Response. This integration requires version 16.1 of Vulnerability Response or later.
	Get entitlements and download the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application on your ServiceNow AI Platform® instance.
	Estimate the number of vulnerable items that you expect to import. Verify that your instance can accept the number of vulnerable items that you expect to import. An undersized instance can lead to long load times. If you don't know the size of your instance, or if you need assistance, contact ServiceNow Technical Support.
	Verify that you have the following groups or users to manage the integrations and to remediate the vulnerable items: admin Install the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application. If not assigned, the admin assigns the container vulnerability admin (sn_vul_container.vulnerability_admin) and other roles. sn_vul_container.vulnerability_admin Completes the configuration of the Prisma Cloud Compute integration. This role has complete access to the Container Vulnerability Response (CVR) application and its records. This admin configures integrations and rules in Container Vulnerability Response. Vulnerability Response Group By default, the Vulnerability Response group is available. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all, sn_vul_container.read_all. Container Remediation Owner Group By default, the Container Remediation Owner group is available. Users assigned to this group inherit the sn_vul_container.remediation_owner. The Container Remediation Owner remediates container vulnerabilities assigned to them or to a group they belong to. Vulnerability Analyst Users assigned to Container Vulnerability Analyst group inherit sn_vul.vulnerability_analyst. The Vulnerability Analyst monitors remediation of all vulnerable items. If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance. For more information, see Create a user group.
	Install the Vulnerability Response integration with NVD and run the NIST National Vulnerability Database Integration - API (CVE only).

You are ready to Configure the Vulnerability Response Integration with Palo Alto Networks Prisma Cloud Compute application.