Configuration Compliance
Prioritize and Remediate misconfigurations to reduce your attack surface
Reduce backlogs and improve visibility: Centralize configuration data and remediation tasks across teams. Coordinate workflows and track progress of issue resolution.

Drive faster, more efficient response: Prioritize and respond to misconfigurations quickly with workflows and automation. Reduce the amount of time spent on basic tasks with orchestration tools.

Mature your vulnerability management program: Get actionable insight from remediation data and adapt policies accordingly. Leverage reporting insights to tune security practices and reduce organizational risk.

Prioritize and remediate cloud configuration issues: Use cloud metadata, such as cloud account, region, provider, resource tags, and more, to manage the prioritization, assignment, and remediation of configuration issues.

Traditional vulnerability assessment usually focuses on infrastructure and application vulnerabilities to find flaws at the development level, but a holistic, risk-based vulnerability management approach also includes accounting for configuration vulnerabilities. These are flaws in deployment, such as open services for protocols, weak passwords, and misconfigured network shares, that create openings for attackers. Misconfigurations accounted for 13% of all breaches in 2021, according to the Verizon Data Breach Investigations Report.

Many organizations track configuration issues manually via spreadsheets, leveraging data from a security configuration assessment (SCA) tool to scan for anomalies. They also use gold images – hardened images that are certified for OS vulnerabilities, security policies, and operational frameworks – to achieve a degree of configuration compliance. Gold imaging is a useful way to keep infrastructure and applications up to date in accordance with Center for Internet Security (CIS) benchmarks, but it is only a snapshot in time. For many organizations, IT and security still continuously struggle to keep up with re-certifying their images and conducting compliance checks on a regular basis. They want a way to monitor deviations, prioritize vulnerable assets, and assess security posture automatically, and they need a way to report their findings and updates in real time.

The ServiceNow solution

ServiceNow® Configuration Compliance allows you to identify, prioritize, and remediate vulnerable misconfigured software in deployment-stage assets as well as cloud configuration issues. By leveraging automated triage, service-aware risk scoring, and integrated change management, Configuration Compliance can help mature your vulnerability management journey.

It starts with integrating your SCA tool with ServiceNow® Security Operations. Pre-built integrations for Qualys and Tenable make setup easier. Data is imported from your SCA tool into ServiceNow, including tests, authoritative sources, and test results.

Configuration tests: settings or controls that a user enforces on assets (such as password length). These configuration tests are grouped into policies that can be modified to meet the needs of every organization. Tests can also be organized by technology, with different versions of configuration tests based on the specific technology.

Authoritative sources: these are industry-standard regulations that define known software and hardware configurations. For example, this could encompass security policies and procedures like PCI DSS. Authoritative sources can also report on compliance to prepare for an audit.

Test results: the results of the configuration tests are imported into ServiceNow. When import is complete, calculations are run to prioritize the results.

Prioritize Automatically

Failed configuration test results are matched against assets in the ServiceNow® Configuration Management Database (CMDB) to help prioritize using business context. A customizable calculator uses both the severity of the misconfiguration and the criticality of the affected asset to prioritize test results. With a prioritized list of configuration test failures, you can pinpoint which configuration issues to address first. Then group together failures based on the teams that will address them.

ServiceNow Vulnerability Response

Configuration Compliance is part of the ServiceNow Vulnerability Response Enterprise Solution, built on the Now Platform®. Designed to help security and IT teams respond faster and more efficiently to incidents and vulnerabilities, using intelligent workflows, automation, and a deep connection with IT to streamline response.

Remediate quickly with workflows

If remediation requires action from IT, the security analyst can easily create IT change tickets directly from a test result group or associate test results with existing change requests in ServiceNow® IT Service Management. Remediation target rules define the expected time frame for remediation to see when dates are approaching or past due and ensure all failures are addressed. Alternately, when there are non-critical failures, exceptions can be requested and approved to defer remediation to a future date. Once failures are addressed, a follow-up scan confirms the fix and closes the issue.

Gain insights and manage risk

Quickly see the status of configuration issues with the Configuration Compliance dashboard. Test results from Configuration Compliance can also feed into ServiceNow® Governance, Risk, and Compliance to monitor risk. Configuration tests can be associated with a GRC policy to generate controls, profiles, and indicators. A test failure means the control is non-compliant, generating a risk issue. When the misconfiguration is remediated, the risk issue is closed automatically. This enables real-time visibility into configuration issues and allows organizations to take a proactive, risk-driven approach.

Configuration Compliance works with ServiceNow® Vulnerability Response for end-to-end assessment, management, and remediation of infrastructure, application, and configuration vulnerabilities.

© 2023 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, Now Platform, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated. servicenow.com