Wiz and ServiceNow VR: Prioritize and respond to cloud vulnerabilities faster

Wiz is excited to announce its new integration with ServiceNow Vulnerability Response (VR), creating a combined vulnerability management workflow that eliminates blind spots and prioritizes risks.

2 minutes read

Wiz is excited to announce its new integration with ServiceNow Vulnerability Response (VR), creating a combined vulnerability management workflow that eliminates blind spots and prioritizes risks.  

Vulnerability management is one of the main security concerns for enterprises worldwide, and security teams put a lot of time and effort into detecting and mitigating vulnerabilities in their organizations’ environments. In 2021 alone, 18,376 vulnerabilities were recorded in the US-CERT vulnerability database, which translates into 50 new vulnerabilities that require the security team’s attention each day.

For an efficient vulnerability remediation process, organizations need to overcome three main challenges:

  1. Full visibility— You cannot protect what you do not see. To eliminate security holes, you must gain full visibility into all the resources in your cloud environment. This is even more challenging in cloud environments that rely solely on agent-based solutions, as security agents fail to provide full coverage.  

  2. Prioritized remediation— Fixing everything everywhere immediately is unfeasible. Security teams must be able to identify the most toxic combinations of risk factors in their cloud environment in order to prioritize and patch the most vulnerable resources first.

  3. Seamless integration—The mitigation process should be incorporated seamlessly with the organization’s existing security flow, and as automated as possible.

Wiz uses agentless scanning to gain full visibility into any cloud environment, with zero impact on your business operations. It delivers unified coverage across cloud service providers and compute architectures, from virtual machines and containers to serverless functions. The agentless scan surfaces vulnerabilities in your infrastructure, including CVE severity and exploitability score. Moreover, since Wiz scans for a wide range of cloud infrastructure risks such as secret or network exposure, it identifies toxic combinations and resource interconnections that together pose the highest security risks. This allows you to focus on the risks that matter the most.

For example, a vulnerable host that is exposed to the internet can be more easily exploited, and is therefore riskier than a host that does not have internet access. If this vulnerable resource can also assume a role with high permissions or has exposed secrets, that could lead to lateral movement, and should therefore be prioritized in the patching process.

With an understanding of the highest priority vulnerabilities in your environment, the next step is remediation. Integrating Wiz with ServiceNow Vulnerability Response (VR) significantly improves your end-to-end vulnerability management workflow from detection to remediation. ServiceNow VR ingests the vulnerabilities data detected by Wiz together with the remediation recommendations and information about virtual machines where vulnerabilities were detected. The findings and asset data from Wiz are synced into ServiceNow and matched against existing Vulnerability Items (VI) and Configuration Management Database (CMDB) data. By using the Now Platform® workflow and automation capabilities, security and IT teams can respond faster and more efficiently, giving them a streamlined process for vulnerability management from beginning to end.

Visit the ServiceNow store to get the Wiz Integration for Security Operations app.


Detect and prioritize CISA Known Exploited Vulnerabilities in the cloud with Wiz

For each CVE, the Wiz Research team maintains data from multiple threat intelligence sources and our own independent research. Now that we’ve added support for the new CISA KEV catalog, learn how you can use it in your cloud environment.

Wiz and RegScale: Cloud security compliance management at scale

Learn how to achieve compliance security at scale with Wiz and RegScale, supporting a variety of compliance framework controls.

5 reasons endpoint security agents are not enough

In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security.
EVEN MORE TO DISCOVERReady to see for yourself?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
Chipotle Logo
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Blackstone Logo
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Mars Logo
Greg PoniatowskiHead of Threat and Vulnerability Management