Snyk and ServiceNow: Streamlining Vulnerability Management with ServiceNow VR Assignment Rules
Sarah Conway
March 12, 2025
5 mins read
Snyk is committed to our partnership with ServiceNow, and together, we're revolutionizing how organizations manage Application vulnerabilities and risk. Snyk's market-leading developer security platform and ServiceNow's robust Security Operations (SecOps) capabilities offer a powerful solution for Application Security teams and Enterprise CISOs. This blog post will explore how ServiceNow's Vulnerability Assignment rules can be leveraged to increase productivity and visibility within the Application Vulnerability Response (AppVR) module.
The Challenge of Vulnerability Management
Organizations today face an overwhelming number of vulnerabilities across their applications. Assigning the right tasks to the appropriate teams for remediation can be daunting. Without a streamlined process, vulnerabilities can easily slip through the cracks, leading to potential security breaches and compliance issues. Manual assignment processes are time-consuming and error-prone and cannot keep up with the rapid pace of vulnerability discovery. This is where ServiceNow's Vulnerability Assignment rules come into play.
The Solution: Correlating Vulnerability data to CMDB fields in ServiceNow Vulnerability Assignment Rules
ServiceNow's Vulnerability Assignment rules allow you to automate the assignment of vulnerability tasks based on specific criteria. By defining conditions and actions within these rules, you can ensure that vulnerabilities are routed to the correct teams for remediation. This automation saves time and improves accuracy and consistency in vulnerability management.
Example: Correlating Vulnerabilities to CMDB Data
One powerful use case for Vulnerability Assignment rules is correlating vulnerability characteristics with Configuration Management Database (CMDB) data. For example, you can create a rule that assigns vulnerabilities found in applications to the developer team responsible for those applications. Here's a sample script that demonstrates this:
// Look up the application release record linked to the current vulnerable item.
var sysid = current.application_release + "";
var appGr = new GlideRecord("sn_vul_app_release");
var foundMatch = false; // Flag to track if a match was found
if (appGr.get(sysid)) {
    // "CMDBID" is the project tag key; replace it with your own tag key if it differs.
    if (appGr.source_additional_info["CMDBID"] !== undefined) {
        var tag_value = appGr.source_additional_info["CMDBID"];
        // Find the Business Application whose name equals the tag value.
        var baGr = new GlideRecord("cmdb_ci_business_app");
        baGr.addQuery("name", tag_value);
        baGr.query();
        if (baGr.next()) {
            // Re-check the name on the returned record before trusting it.
            if (tag_value == baGr.getValue("name")) {
                current.assignment_group = baGr.managed_by_group; // sysid of group
                foundMatch = true;
            }
        }
    }
    if (!foundMatch) { // Check if the flag is still false
        current.assignment_group = "59c04da2b7a1101004aae3fdde11a9f4"; // sysid of default group such as AppSec Team
    }
}
This script compares the tag data from an imported vulnerability to the “Name” of any “Business Application” defined in CMDB. If a match exists, the task is assigned to the group in that business application's managed_by_group field. If no match is found, the vulnerability is assigned to a default group that may be responsible for assigning vulnerabilities.
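A model of the rule's routing decision as an added example (not code from the original post, ServiceNow or Snyk), useful for checking edge cases before deploying the script. It goes slightly beyond the script above, which leaves the task unassigned when the application release is not found and copies an empty managed_by_group as-is; here both fall back to the default group. The tables, group names and the DEFAULT_GROUP_SYS_ID placeholder are constructed assumptions.

```javascript
// Added example: an offline model of the routing decision, not ServiceNow API code.
const DEFAULT_GROUP = "DEFAULT_GROUP_SYS_ID"; // placeholder for the fallback group's sys_id

// Constructed rows standing in for cmdb_ci_business_app.
const businessApps = [
  { name: "payments-api", managed_by_group: "grp-payments" },
  { name: "legacy-portal", managed_by_group: "" }, // CI exists but has no owning group
];

// Constructed rows standing in for sn_vul_app_release, keyed by sys_id.
const appReleases = {
  "rel-1": { source_additional_info: { CMDBID: "payments-api" } },
  "rel-2": { source_additional_info: { CMDBID: "legacy-portal" } },
  "rel-3": { source_additional_info: { CMDBID: "unknown-app" } },
  "rel-4": { source_additional_info: {} }, // project imported without the tag
};

// Returns the group to assign plus the reason, so fallbacks can be audited.
function routeVulnerability(releaseId, releases = appReleases, apps = businessApps) {
  const release = releases[releaseId];
  if (!release) return { group: DEFAULT_GROUP, reason: "release-not-found" };
  const tag = (release.source_additional_info || {}).CMDBID;
  if (!tag) return { group: DEFAULT_GROUP, reason: "tag-missing" };
  const app = apps.find((a) => a.name === tag); // model uses an exact, case-sensitive match
  if (!app) return { group: DEFAULT_GROUP, reason: "no-cmdb-match" };
  if (!app.managed_by_group) return { group: DEFAULT_GROUP, reason: "owner-group-empty" };
  return { group: app.managed_by_group, reason: "matched" };
}

// Counts outcomes per reason; a high fallback count points at CMDB or tagging gaps.
function summarizeRouting(releaseIds) {
  const counts = {};
  for (const id of releaseIds) {
    const { reason } = routeVulnerability(id);
    counts[reason] = (counts[reason] || 0) + 1;
  }
  return counts;
}

console.log(summarizeRouting(["rel-1", "rel-2", "rel-3", "rel-4", "rel-missing"]));
```

Tracking the reason alongside the group makes it possible to report how many tasks land on the default group because of missing tags or incomplete CMDB ownership data.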
Snyk's AppVR Integration with ServiceNow
The Snyk Security for Application Vulnerability Response integration further enhances the vulnerability management process. By seamlessly integrating Snyk's vulnerability intelligence with ServiceNow's AppVR capabilities, you can gain a comprehensive view of your application security posture and streamline remediation workflows.
To learn more about this integration and explore a real-world example, visit the ServiceNow - Vulnerability assignment rules lesson in Snyk Learn.
Boost Security with ServiceNow and Snyk
ServiceNow Vulnerability Assignment rules and Snyk's AppVR integration provide a powerful solution for automating and optimizing vulnerability management. By leveraging these tools, you can increase productivity, improve visibility, and reduce the risk of security breaches. Snyk and ServiceNow are committed to helping organizations achieve their application security goals.