The Carbon Black ServiceNow Vulnerability Response Application ingests vulnerabilities from the Carbon Black Cloud platform.
A Vulnerable Item is created from fetched vulnerability and the configuration item.
Vulnerabilities are retrieved from the Carbon Black Cloud platform when the Vulnerability Response App has an active Configuration Profile.
To obtain the most complete information about assets and configuration items in ServiceNow, enable Asset Inventory Ingestion. See Create a ServiceNow Configuration Profile and Configure Asset Inventory Data Ingestion (Optional).
Roles and Permissions
For all actions described for the Vulnerability Response App, the VMware CBC Analyst (x_vmw_cb_connector.analyst) role is required.
Configuration of the application, including of profiles, requires VMware CBC Admin (x_vmw_cb_connector.admin).
For details about roles and users, see Configuring ServiceNow Roles and Users.
Domain Separation (Multi-tenancy)
- Use the Domain Separation feature to isolate Carbon Black Cloud data from different organizations and manage access controls.
- You must activate the Domain Support - Domain Extensions Installer plugin to use this feature. See Activate Domain Support - Domain Extensions Installer for ServiceNow.
- Use the Domain Separation feature to create child domains and assign users to a specific domain.
- Users can have multiple child domains assigned to a Parent domain.
- Each child domain can have a separate Configuration Profile with different alert records.
