Preparing for the Microsoft Threat and Vulnerability Management Vulnerability Integration

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Preparing for the Microsoft Threat and Vulnerability Management Vulnerability Integration

    This guide helps ServiceNow customers prepare for the integration of Microsoft Threat and Vulnerability Management (MS TVM) with the Vulnerability Response application. By following the preparation checklist and setup tasks, customers ensure a smooth installation and efficient import of vulnerability data into their ServiceNow AI Platform instance.

    Show full answer Show less

    Preparation Checklist

    • Obtain MS TVM Credentials: Have either ClientSecret, ClientId, and TenantId or Username, Password, ClientId, and TenantId ready for MS TVM account setup.
    • Install Vulnerability Response Application: Ensure the Vulnerability Response app (version 14.0 or later) is installed and activated before adding the MS TVM integration.
    • Download Integration App: Acquire the Vulnerability Response integration with MS TVM application and download it to your ServiceNow AI Platform instance.
    • Estimate Vulnerable Items: Assess the number of vulnerable items to import and verify that your instance can handle this volume to avoid performance issues.
    • Assign Appropriate Roles and Groups:
      • admin: Installs the integration and assigns roles.
      • snvul.vulnerabilityadmin: Configures the integration and manages Vulnerability Response application settings.
      • snvulmsfttvm.configureintegration: Manages MS TVM integration setup.
      • snvulmsfttvm.readintegration: Views MS TVM integration records.
      • Vulnerability Response group: Default group for remediation and read access; consider creating additional user groups as needed.
    • Install NVD Integration: Install the Vulnerability Response integration with the National Vulnerability Database (NVD) and run the NIST NVD Integration API for CVE data to improve initial import performance.
    • Optimize Performance: Disable unused vulnerability calculators and notification-related business rules during initial data import to reduce system load and avoid excessive notifications.

    Next Steps

    Once preparations are complete, use the Setup Assistant to install and configure the Vulnerability Response integration with the MS TVM application, enabling efficient vulnerability ingestion and management within your ServiceNow environment.

    You can prepare for the ServiceNow® Microsoft Threat and Vulnerability Management (MS TVM) Vulnerability integration by performing setup tasks.

    Before you begin using a checklist

    To install and configure the Vulnerability Response Integration with the MS TVM application, you can print the following checklist and verify the items listed are completed before you install the application and import vulnerability data into your ServiceNow AI Platform® instance.

    Table 1. Integration preparation checklist
    Task Description
    Checkbox image. Verify that you have one of the following sets of information:
    Checkbox image. If not already installed and activated, install the Vulnerability Response application before you install the third-party application.

    For more information about installing and activating the Vulnerability Response application, see Install Vulnerability Response. This integration requires version 14.0 of Vulnerability Response or later.
    Checkbox image.

    If you don't already have the application on your instance, get entitlements and download the Vulnerability Response integration with MS TVM application to your ServiceNow AI Platform® instance.

    See .
    Checkbox image.

    Estimate the number of vulnerable items that you expect to import.

    Verify that your instance can accept the number of vulnerable items that you expect to import. An undersized instance can lead to long load times. If you don't know the size of your instance, or if you need assistance, contact ServiceNow® Technical Support.
    Checkbox image.

    Verify that you have the following groups or users to manage the integrations and to remediate vulnerable items:

    admin
    Uses Setup Assistant to install the Vulnerability Response integration with the MS TVM application. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles in Setup Assistant.
    sn_vul.vulnerability_admin
    Completes the configuration of the MS TVM integration. This role has complete access to the Vulnerability Response (VR) application and its records. This admin configures all VR applications and rules and configures third-party integrations.
    sn_vul_msft_tvm.configure_integration
    Configures the MS TVM Vulnerability Integration. This role contains the sn_vul_msft_tvm.read_integration granular role.
    sn_vul_msft_tvm.read_integration
    Views (reads) records of the MS TVM Vulnerability Integration.
    Vulnerability Response group
    By default, the Vulnerability Response group is available in Setup Assistant. Users assigned to the Vulnerability Response group inherit the sn_vul.read_all and sn_vul.remediation_owner roles automatically.

    If not already created, you may prefer to create additional groups and add users with the User Administration module in your instance before you use Setup Assistant. For more information, see Create a user group.

    Persona and granular roles are available to help you manage what users can do and see in the Vulnerability Response application. For initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant.
    Checkbox image. Install the Vulnerability Response integration with NVD and run the NIST National Vulnerability Database Integration - API (CVE only).
    Checkbox image.

    To promote improved performance for your first import, you can disable certain features, rules, or jobs in your instance.

    • Disable vulnerability calculators if you do not use them. These calculators, plus any that you have defined, run every time a vulnerable item record is created or updated. For more information, see Disable the default vulnerability calculator if not used.
    • During the initial import of records, certain notification-related business rules can cause many notifications to be generated, which could impact the performance of the ingestion.

    You are ready to Install and configure the Vulnerability Response Integration with the MS TVM application using Setup Assistant.