List page in the Vulnerability Manager Workspace

  • Release version: Yokohama
  • Updated January 30, 2025
  • 8 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of List page in the Vulnerability Manager Workspace

    The List page in the Vulnerability Manager Workspace provides vulnerability and security managers and analysts with a centralized interface to monitor remediation progress, drill into vulnerability records, and track approval requests and exceptions. This workspace supports various roles, including vulnerability analysts, administrators, application security managers, container vulnerability analysts, and configuration compliance admins. It streamlines access to critical vulnerability management data across different asset types such as hosts, applications, containers, and configuration test results.

    Show full answer Show less

    Key Features

    • Two Main Tabs:
      • Lists Tab: Displays default lists related to remediation efforts, tasks, vulnerable items, configuration test results, solutions, exceptions, and libraries.
      • My Lists Tab: Allows users to rename default lists and create customized lists to monitor remediation progress tailored to their needs.
    • Role-Based Access: Lists and data are filtered and accessible based on user roles such as vulnerability analyst, app sec manager, and configuration compliance admin.
    • Redirect and Integration: When enabled via the snvulcmnws.navigatetoworkspace system property, predefined filter links in related modules redirect users to the List page in the Vulnerability Manager Workspace, providing a unified experience.
    • Record Grouping: Remediation efforts and tasks can be grouped by Record Type to categorize items by host, application, container vulnerabilities, or configuration test results for better clarity.
    • Control Over Display: Admins can toggle the display of record counts on lists through a system property, improving UI customization.

    Available Lists and Their Practical Use

    The Lists tab contains multiple categorized lists to help users access and manage vulnerability and remediation data efficiently:

    • Remediation Efforts (REs): Active and all remediation efforts assigned to the user’s groups, grouped by vulnerability type.
    • Remediation Tasks: Active, all, assigned to me, and assigned to my group remediation tasks across hosts, applications, containers, and test results. Includes tasks created manually or by automation.
    • Vulnerable Items: Separate lists for host, application, and container vulnerable items showing active, all, assigned to me, and assigned to my group items.
    • Configuration Test Results: Lists for active, all, assigned to me, and assigned to my group test results within Configuration Compliance.
    • Solutions: Lists of remediation solutions, including all solutions, highest supersedence, and those linked as preferred solutions to vulnerable items.
    • Exceptions: Approval state lists for exceptions and false positive requests, grouped by vulnerability type and configuration test results.
    • Approvals: Lists of approval requests assigned to the current user for processing within the workspace.
    • Libraries: Extensive lists covering CVEs, third-party vulnerabilities, CWEs, app vulnerabilities, test groups, tests, and compensating controls to support risk reduction and compliance.
    • CMDB Data: Lists of discovered items, container images with detailed metadata, and discovered applications, enabling reapplication actions within the workspace.
    • Penetration Testing: Lists for penetration test assessment requests and findings, including active, all, assigned to me, and assigned to my group, facilitating management of penetration testing workflows.
    • Patches: Comprehensive list of patches available for remediating host vulnerabilities.
    • Supporting Data: Lists of authoritative sources and technologies providing reference information to aid vulnerability research and analysis.

    Practical Benefits for ServiceNow Customers

    • Enables consolidated visibility into vulnerability remediation progress and associated tasks across multiple asset types, improving situational awareness.
    • Supports role-based data access and workflow management, ensuring users see relevant information and can take timely actions.
    • Facilitates creation of customized lists to monitor specific remediation efforts or vulnerable items tailored to business needs.
    • Integrates with other ServiceNow modules to provide seamless navigation and unified vulnerability management experiences.
    • Provides control over UI elements like record counts to optimize the workspace interface performance and usability.

    Next Steps

    ServiceNow customers should ensure appropriate roles are assigned to users to access relevant lists. Administrators can configure system properties to enable workspace redirection and customize list display settings. Users are encouraged to create personalized lists in the My Lists tab to focus on remediation progress critical to their responsibilities. Leveraging this List page supports efficient tracking, prioritization, and remediation of vulnerabilities within ServiceNow’s Vulnerability Manager Workspace.

    The List page in the Vulnerability Manager Workspace permits vulnerability and security managers and analysts to view remediation progress on records, drill down into records, and view the status of their approval requests and exceptions.

    Role required:
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    These lists and links provide you with easy access to records and tasks. It contains two tabs:
    • Lists tab: Displays the default lists for remediation efforts, remediation tasks, vulnerable items, configuration test results, solutions, exceptions, and libraries.
    • My Lists tab: Displays any lists that you’ve renamed from the Lists tab and any lists that you create.

      You can also create your own list to monitor remediation progress. For more information, see Create a customized list of records.

    Lists tab

    The following table shows the lists available in the Lists tab of the List page:

    Tip:

    If the sn_vul_cmn_ws.navigate_to_workspace system property is set to true by an admin, upon selecting the predefined filter links in the Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response and Configuration Compliance modules from the All menu, these links open in the List page of the Vulnerability Manager Workspace based on your role.

    For example, if you select Assigned to My Groups by navigating to All > Vulnerability Response > Remediation Tasks > Assigned to My Groups, this link is redirected to the Vulnerability Manager Workspace. The Assigned to My Groups list in the Remediation Tasks module opens in the List page of the Vulnerability Manager Workspace if you have the vulnerability admin or analyst role. To view the host remediation tasks group the tasks by Record Type.

    You can hide the record count on the lists using the glide.ui.list.seismic.omit.count system property. For more information on how to turn off/on the record count on a list, see the KBB0010402 KB article.

    Table 1. Lists
    List item Description Modules Roles Required
    Remediation efforts (REs) List of active REs and all the REs assigned to your assignment groups.

    Group the remediation efforts by Record Type to categorize them by host vulnerable items, application vulnerable items, container vulnerable items and configuration test results.

    		 Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    Remediation tasks Contains the following lists:
    • Active: List of all the active host, application, container and Test result remediation tasks.
    • All: List of both active and inactive host, application, container and Test result remediation tasks.
    • Assigned to me: List of Remediation tasks assigned to you for remediation.
    • Assigned to my group: Remediation tasks assigned to your assignment groups for remediation.

    Group the remediation tasks by Record Type to categorize them by host vulnerable items, application vulnerable items, container vulnerable items and configuration test results.

    Note:
    The Remediation tasks list includes tasks generated during the Remediation Effort creation in the Vulnerability Manager Workspace, as well as those created manually and by remediation task rules and other processes in the classic UI. The Remediation effort column will be empty for any remediation tasks that were not created as part of the Remediation Effort.
    		 Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    Host Vulnerable items Contains the following lists
    • Active: List of all the active host vulnerable items.
    • All: List of both active and inactive host vulnerable items.
    • Assigned to me: List of host vulnerable items assigned to you for remediation.
    • Assigned to my group: List of host vulnerable items assigned to your assignment groups for remediation.
    		 Vulnerability Response sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin
    Application Vulnerable items Contains the following lists:
    • Active: List of all the active application vulnerable items.
    • All: List of both active and inactive application vulnerable items.
    • Assigned to me: List of application vulnerable items assigned to you for remediation.
    • Assigned to my group: List of application vulnerable items assigned to your assignment groups for remediation.
    You can create a new application vulnerable item by selecting the New button.    		 Application Vulnerability Response sn_vul.app_sec_manager
    Container Vulnerable items Contains the following lists:
    • Active: List of all the active container vulnerable items.
    • All: List of both active and inactive container vulnerable items.
    • Assigned to me: List of container vulnerable items assigned to you for remediation.
    • Assigned to my group: List of container vulnerable items assigned to your assignment groups for remediation.
    		 Container Vulnerability Response sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin
    Configuration Test Results Contains the following lists:
    • Active: List of all the active test results.
    • All: List of both active and inactive test results.
    • Assigned to me: List of test results assigned to you for remediation.
    • Assigned to my group: List of test results assigned to your assignment groups for remediation.
    		 Configuration Compliance sn_vulc.admin
    Solutions Contains the following lists:
    • All - Shows all the available solutions which you can use to remediate the host vulnerable items.
    • Highest Supersedence - Shows all the solutions which is used to populated Preferred Solutions.
    • With Vulnerable items - Shows the solutions which are being used as Preferred Solution on Vulnerable Items.
    		 Vulnerability Response sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin
    Exceptions Shows the approval states for all the exception and false positive requests associated with your assignment groups.
    • All: List of the exception, false positive, and unassign approval requests related to VITs, AVITs, and CVITs and their remediation tasks (VUL, AVUL, and CVUL).
    • All (Configuration Compliance): List of the exceptions, false positive, and unassign approval requests related test results and remediation tasks (CTR#).

    Group the exceptions by Record type to categorize them by host vulnerable items, application vulnerable items, container vulnerable items and configuration test results.

    		 Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    Approvals Assigned to me: Shows the approval requests assigned to you for processing. To process your approvals in the workspace, see Approve or reject requests in the Vulnerability Manager Workspace. Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    Libraries Consists of the following lists:
    • CVEs (NVD) - List of all the Common Vulnerability and Exposures (CVEs) from Vulnerability Response, Application Vulnerability Response, and Container Vulnerability Response.
    • TPEs - List of imported third-party vulnerabilities in your instance. Contains a list of related references, vulnerable items, exploits, and CVEs.
    • CWEs - List of all the Common Weakness Enumerations (CWEs) from Vulnerability Response, Application Vulnerability Response, and Container Vulnerability Response.
    • App vulnerabilities - List of all the third-party application vulnerability entries.
    • Test Groups - List of all the Configuration Compliance test groups. You can view the percentage of CI compliance and test results compliance for a Test Group in the record view.
    • Tests - List of all the tests from Configuration Compliance. You can view the percentage of test results compliance for a test in the record view.
    • Compensating Controls - List of all the compensating controls which can be used for risk reduction requests. You can add a compensating control by clicking New. For more information on how to add a compensating control, see Add a compensating control to the library.
    		 Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    CMDB Contains the following lists
    • Discovered items:List of all the discovered items.
    • Discovered container images: List of Container images. These container images provide information on the image ID, Docker image, and the image repository along with the layer information.
    • Discovered Applications table added to the Vulnerability Manager Workspace view. Allows reapply on selected or filtered discovered items or applications in Workspace.
    		Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance
    • sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin for host vulnerable items (VITs)
    • sn_vul.app_sec_manager for application vulnerable items (AVITs)
    • sn_vul_container.vulnerability_analyst or sn_vul_container.vulnerability_admin for container vulnerable items (CVITs)
    • sn_vulc.admin for configuration test results (CTRs)
    Penetration Test Assessment Requests Contains the following lists:
    • Active: List of active Penetration Test Assessment Requests.
    • All: List of both active and inactive Penetration Test Assessment Requests
    • Assigned to me: List of Penetration Test Assessment Requests raised by you.
    • Assigned to my group: List of Penetration Test Assessment Requests raised by the users in your assignment groups.

    For information on how to create a penetration test assessment request, see Create a new penetration testing assessment request.

    		 Application Vulnerability Response sn_vul.app_sec_manager
    Penetration Test Findings Contains the following lists:
    • Active: List of all the active Penetration Test Findings.
    • All: List of both active and inactive Penetration Test Findings.
    • Assigned to me: List of Penetration Test Findings assigned to you for remediation.
    • Assigned to my group: List of Penetration Test Findings assigned to your assignment groups for remediation.

    For information on how to create a penetration test findings, see Create penetration test findings based on an assessment questionnaire.

    		 Application Vulnerability Response sn_vul.app_sec_manager
    Patches All: List of all the available patches that can be used to remediation host vulnerable items. Vulnerability Response sn_vul.vulnerability_analyst, or sn_vul.vulnerability_admin
    Supporting Data Contains the following lists:
    • Authoritative Sources: List of authoritative sources that provide summary information which is useful to research the source publications.
    • Technologies: List of technologies that provide the summary information about each authoritative sources and citation (also known, in Qualys, as a framework).
    		 Configuration Compliance sn_vulc.admin