Manually send vulnerabilities from IoT Security through
Cortex XSOAR to ServiceNow to make work orders.
From the IoT Security portal, send a device
vulnerability to ServiceNow. Before sending it, IoT Security converts
the vulnerability into a security incident, which ServiceNow receives
in its Zingbox alerts vulnerability incident table. From there,
a ServiceNow user can create a work order for a network security
analyst to investigate.
, click a vulnerability
name, and then select the check box of a vulnerable device or potentially vulnerable
device that you want to investigate.
to ServiceNow panel appears.
Add a comment.
After you enter a comment, the Send button changes from
gray to blue, indicating that you can proceed.
After you click
, a link appears.
When you click it, a new browser window opens to the XSOAR playbook
for this action.
that the vulnerability was sent, click the link to the XSOAR playbook for
For the link in IoT Security to open the
corresponding playbook in Cortex XSOAR, you must already be logged
in to your XSOAR instance before clicking it.
boxes in the playbook indicate that a particular step was successfully
performed. Following the path through the playbook gives you feedback
about whether an action was carried out successfully or, if not,
where the process changed course.
The action “Sent to ServiceNow”
appears in the Vulnerability Responses column. If you don’t see
this column, click the Columns icon (
) and select
Log in to ServiceNow and check the table you created
for receiving security incidents from IoT Security.
can also send a vulnerability to ServiceNow from the Risks section
of the Device Details page.