The Expander Configuration Compliance module automatically ingests Expander policies and issues into ServiceNow Configuration Compliance, enabling you to identify configuration items in the ServiceNow CMDB for which Expander has detected security issues.
Key Functionality
Import Expander policies as ServiceNow Configuration Tests, with the ability to filter by category, policy, and status.
Import Expander Issues as ServiceNow Configuration Test Results, with the ability to filter by tags, business units, and activity status.
Each Test result is linked to it’s related Configuration Test.
Each Test result is linked to a discovered item and configuration item.
Frequency of ingests can be adjusted in the guided setup.
Default Configuration Item (CI) Lookup rules are pre-installed by Xpanse to map asset information on the Configuration Test to an existing configuration item in your CMDB.
Create new CI Lookup rules using the information in the Xpanse Issue payload. If no matches are found, then a Discovered item and Unmatched Configuration Item will be created and linked back to the Test result.
Track status of Vulnerability Runs.
For more information about the Expander Configuration Compliance module, see the ServiceNow Configuration Compliance Installation and Configuration Guide posted on the Palo Alto Networks ServiceNow Integrations page. .