---
title: "ServiceNow App for Vulnerability Response"
slug: "servicenow-app-for-vulnerability-response"
updated: 2023-11-20T22:30:39Z
published: 2023-11-20T22:30:39Z
canonical: "help.nucleussec.com/servicenow-app-for-vulnerability-response"
stale: true
---
> ## Documentation Index
> Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt
> Use this file to discover all available pages before exploring further.
# ServiceNow App for Vulnerability Response
## Overview
The Nucleus ServiceNow App connector integrates directly with ServiceNow through [the Nucleus Security for Vulnerability Response app](https://store.servicenow.com/sn_appstore_store.do#!/store/application/033a97958793bc1007a6a60d3fbb35d3/1.0.0?referer=/store/search?listingtype=allintegrations%253Bancillary_app%253Bcertified_apps%253Bcontent%253Bindustry_solution%253Boem%253Butility%253Btemplate%253Bgenerative_ai%253Bsnow_solution&q=nucleus%20security%20for%20vr&sl=sh). It runs directly on your ServiceNow environment and enables integration with Vulnerability Response.
:::(Warning) (Installation Requirement)
The Nucleus Security for Vulnerability Response ServiceNow app has several different integrations including assets, third party vulnerabilities, and vulnerable items. It is intended to be installed and configured by a Nucleus Security for Vulnerability Response specialist alongside a ServiceNow administrator with experience with ServiceNow SecOps Vulnerability Response, as an intimate knowledge of both ServiceNow, SecOps, and Nucleus is required to configure the app correctly. As such, the connector must be manually enabled for your Nucleus organization prior to installing the app.
Reach out to your Nucleus customer success representative to have the app enabled and set up an onboarding call between yourself, Nucleus and one of your ServiceNow administrators.
:::
## Prerequisites
* Admin permission in your ServiceNow instance to install and configure the app.
* Vulnerability Response installed in ServiceNow.
* The ServiceNow App connector has been enabled for your Nucleus organization.
## Connector setup
:::(Info) (Non-production run through)
We strongly recommend you first complete this entire installation in a non-production Nucleus project (e.g., Sandbox project with sample data) and non-production ServiceNow environment (e.g., Dev or UAT instance) prior to configuring in production.
:::
### Install the Nucleus Security for Vulnerability Response app in ServiceNow
1. Navigate to [the **Nucleus Security for Vulnerability Response** app in the ServiceNow App Store](https://store.servicenow.com/sn_appstore_store.do#!/store/application/033a97958793bc1007a6a60d3fbb35d3/1.0.0?referer=/store/search?listingtype=allintegrations%253Bancillary_app%253Bcertified_apps%253Bcontent%253Bindustry_solution%253Boem%253Butility%253Btemplate%253Bgenerative_ai%253Bsnow_solution&q=nucleus%20security%20for%20vr&sl=sh).
1. Click **Get**.
1. Log in with your ServiceNow ID using **admin** permissions.
### Create and configure the local integration user
1. Log in to your ServiceNow instance with **admin** permissions.
1. From the navigation bar on the left, under **User Administration**, select **Users**.
1. Click **New**.
1. In the **User ID** field, enter the username `nucleussec.project` or any custom username of your choice.
1. In the **First Name** field, enter any first name.
1. In the **Last Name** field, enter any last name.
1. Optionally, in the **Title** and **Department** fields, enter any values of your choice.
1. In the **Password** field, enter a password for the user and make a note of it.
1. Click **Submit**.
1. In the list of users, select the new user you created.
{width="750"}
1. Ensure **Active** is selected.
1. Disable **Web service access only**. This setting must be disabled for the user impersonation check to pass. After that check has passed you can then choose to enable **Web service access only**.
1. Select the **Roles** tab.
1. Click **Edit...**.
1. Ensure the user has the following non-inherited roles applied to it:
* **x_nucse_nucleus_vr.admin**
* **sn_vul.vulnerability_admin**
1. Click **Save**.
1. From the navigation bar on the left, select **Nucleus Integrations**.
1. Here you can choose which what integration you would like to enable, by default all integrations should be enabled.
:::(Warning) (Nucleus Integrations)
Integrations were built using the native Vulnerability Response Integration factory scripts. It is not recommended to modify or customize the out of the box functionality unless you are familiar with ServiceNow Vulnerability Response integrations.
:::
### Set up the ServiceNow App connector in Nucleus
1. Log in to your Nucleus project.
1. From the navigation bar on the left, under **Project Administration**, select **Connector Setup**.
1. Select **ServiceNow App**.
{width="550"}
1. In the **Name** field, enter a name for this connector.
1. Optionally, in the **Description** field, enter a description for this connector.
1. In the **Instance URL** field, enter the URL of your ServiceNow instance. Enter the base path only (e.g., `https://my-instance.service-now.com`).
1. Select the preferred authentication method: **Basic Auth** or **OAuth2**.
- **Basic Auth**:
1. In the **Username** field, enter the username you chose when [creating the user earlier](/v1/docs/servicenow-app#create-and-configure-the-local-integration-user) enter that username instead.
1. In the **Password** field, enter [the password of the user you created earlier](/v1/docs/servicenow-app#create-and-configure-the-local-integration-user).
- **OAuth2**:
1. Log in to your ServiceNow instance **admin** permissions.
1. From the navigation bar on the left, under **System OAuth**, select **Application Registry**.
1. Click **New**.
1. Click **Create an OAuth API endpoint for external clients**.
1. In the **Name** field, enter a name.
1. Ensure the Application is set to **Nucleus Security for Vulnerability Response**.
1. Click **Submit**.
1. Click on the name of the new application registry you created.
1. Copy the **Client ID**.
1. Copy the **Client Secret**.
1. Return to the Nucleus app.
1. In the **Username** field, enter `nucleussec.project`. If you chose a different username when [creating the user earlier](/v1/docs/servicenow-app#create-and-configure-the-local-integration-user) enter that username instead.
1. In the **Password** field, enter [the password of the user you created earlier](/v1/docs/servicenow-app#create-and-configure-the-local-integration-user).
1. In the **Client ID** field, enter the Client ID you copied from ServiceNow.
1. In the **Client Secret** field, enter Client Secret you copied from ServiceNow.
1. Click **Connect To ServiceNow**.
1. Click **Save & Finish**.
### Test the configuration
The Nucleus platform requires successful communication with ServiceNow. The following steps outline how to test the connection and ensure successful configuration of the Nucleus Security for Vulnerability Response application coming in to ServiceNow and out to the Nucleus platform.
1. Log in to your Nucleus project.
1. From the navigation bar on the left, under **Vulnerabilities**, select **Active**.
1. Select a vulnerability.
1. Click **Create Ticket**.
1. Select the **ServiceNow App** connector.
1. Make sure **Vulnerability Response** module is selected.
1. Click **Submit to ServiceNow** to test the ticket creation. You should see a success message.
1. In the vulnerability, click on the **Tickets** tab.
1. Click the arrow on the far right side of the ticket. A side window will extend out.
1. Verify the description loads correctly.
1. In the **Comment** field, enter a comment.
1. Click **Comment**.
1. In the **External ID** column on the far left, click on the incident number for the ticket. The ticket will open in ServiceNow.
1. Verify the ticket is correctly listed.