Microsoft Security Response Center Spoke
Integrate the Microsoft Security Response Center API with your ServiceNow instance to investigate all reports of security vulnerabilities affecting the Microsoft products and services, and gather information to manage security risks and keep the system protected.
Request apps on the Store
Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Integration Hub subscription
This spoke requires an Integration Hub subscription. For more information, see Legal schedules - IntegrationHub overview.
Spoke version
Microsoft Security Response Center spoke v1.3.0 is the latest version.
Supported versions
This spoke was built for Microsoft Security Response Center API version 2020, but may be compatible with later versions.
Spoke dependencies
- ServiceNow IntegrationHub Action Step - REST (com.glide.hub.action_step.rest)
- Complex Object (com.glide.cobject)
- ServiceNow IntegrationHub Runtime (com.glide.hub.integration.runtime)
Spoke actions
The Microsoft Security Response Center spoke provides actions to automate tasks when events occurs in your ServiceNow instance. Available actions include:
| Category | Action | Description |
|---|---|---|
| Abuse Management | Submit Abuse Report | Submits report to the Microsoft Computer Emergency Response Team using the Common Abuse Reporting system (CARS). |
| Security Management | Get Security Update Details | Retrieves information about the specific CVRF ID. |
| Look up Security Updates | Retrieves the list of all Microsoft security updates. | |
| Look up Security Updates By Key | Retrieves the list of security updates based on the provided ID, CVE, or year. |
Available AI agents
Install Now Assist for Integration Hub and start using the available AI agents. For more information, see Now Assist for Integration Hub.
- In the ServiceNow agentic system, you can create an agentic workflow that comprises of a set of large language model (LLM) instructions along with one or more standalone AI agents to execute an
objective. See Create an agentic workflow for information about adding AI agents to create agentic workflows as per your requirement and provide the required trigger.
You can also search for other available AI agents and add them to your agentic workflow. See Find AI agents for more information.
- You can create a clone of the required spoke AI agent and customize it as per your requirement. See Duplicate an AI agent for more information about creating a clone.
- See Now Assist AI agents for information about AI agents.
Available AI agent is Microsoft Security Response Center security manager. This AI agent retrieves details of the security updates based on the provided ID, CVE, or year.
There might be AI agents installed with the Now Assist application that are not used in agentic workflows. To learn how to see all agents that are available to you, see Find AI agents.
Connection and credential alias requirements
Integration Hub uses aliases to manage connection and credential information, and OAuth credentials. Using an alias eliminates the need to configure multiple credentials and connection information profiles when using multiple environments. If the connection or credential information changes, you don't need to update any actions that use the connection.
For information about setting up the spoke, see Set up the Microsoft Security Response Center spoke.