Tenable announced its enhanced integration with ServiceNow to help shared customers improve their vulnerability prioritization and remediation programs by addressing one of the most difficult challenges in cybersecurity – vulnerability overload.
Prioritizing vulnerabilities with the Common Vulnerability Scoring System (CVSS) presents significant limitations since it scores the majority as ‘high’ or ‘critical.’ Tenable recently released Vulnerability Priority Ratings (VPR) as part of Predictive Prioritization to help organizations focus remediation on the three percent of vulnerabilities that are most likely to be exploited. Now, Tenable is bringing VPR to ServiceNow Security Operations. For the first time, security and IT teams can use VPR scores to view, sort and filter the remediation priority of each flaw based on the risk it poses to the business.
The latest integration also enables customers to sync their vulnerability data 400 percent faster by ingesting multiple Tenable vulnerability data streams simultaneously – rather than individually – into ServiceNow Vulnerability Response and the ServiceNow CMDB.
“These enhanced integrations are putting the three percent of vulnerabilities that pose the most imminent threat to the business into the hands of the IT teams so that they can focus on remediating what matters most,” said Ray Komar, Vice President of Technical Alliances, Tenable. “Together with ServiceNow, we will position our shared customers to more quickly manage, measure and reduce their cyber risk and build strategic Cyber Exposure practices.”
The enhanced integration introduces a single integration app, providing a seamless user experience and interface for customers who leverage the flexible deployment options of the Tenable Cyber Exposure platform.
“Most data breaches occur because of a failure to patch, yet many organizations struggle with the basic hygiene of patching and vulnerability response,” said Sean Convery, General Manager of ServiceNow’s Security Business. “Together, ServiceNow and Tenable offer customers rich context around the business impact and security risk of vulnerabilities, so they can work smarter by focusing on patching the vulnerabilities that have the highest potential impact.”