Integrations and dependencies of the Vulnerability Response Patch Orchestration with the Microsoft SCCM application

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Integrations and Dependencies of the Vulnerability Response Patch Orchestration with the Microsoft SCCM Application

    The Vulnerability Response Patch Orchestration integrates with Microsoft System Center Configuration Manager (SCCM) to manage patches effectively. This integration is essential for viewing patch orchestration data and updates within the ServiceNow platform. Various applications are required for this integration, all of which can be found in the ServiceNow® Store.

    Show full answer Show less

    Key Features

    • Required Applications: The following applications are necessary for the integration:
      • Vulnerability Response
      • Vulnerability Solution Management
      • Vulnerability Response Patch Orchestration
      • Common Security Support
      • Security Support Orchestration
      • Service Graph connector with SCCM
    • Integration Components: The integration consists of several key components that facilitate data processing:
      • Microsoft SCCM Collection Integration
      • Microsoft SCCM Device Collection Integration
      • Microsoft SCCM Patch Update Integration
      • Microsoft SCCM Deployments Integration
    • Application Tables: The Vulnerability Response Patch Orchestration application contains important tables for storing patch and device information, including:
      • Patch Update
      • Device Update
      • Collection
      • Device Collection
      • Patch Deployment
      • Potential Patch

    Key Outcomes

    By utilizing this integration, ServiceNow customers can effectively manage and monitor patch deployments. The scheduled integrations ensure timely data retrieval from SCCM, enabling users to maintain up-to-date records on patch status and device collections. This orchestration enhances vulnerability management and operational efficiency within the organization.

    The following product and dependency applications are required for the Vulnerability Response Patch Orchestration with Microsoft System Center Configuration Manager (SCCM) integration. These applications are available in the ServiceNow® Store

    Available versions of applications and dependencies required for the patch orchestration integration

    To view patch orchestration data and available updates (patches) in the workspaces and the classic UI in Vulnerability Response, the following applications are required. All applications listed are available in the ServiceNow® Store. Some applications require separate subscriptions.

    For more information about version compatibility with the required applications and family releases, refer to the KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes article in the HI Knowledge Base.

    Application and release version
    Vulnerability Response
    Vulnerability Solution Management
    Vulnerability Response Patch Orchestration application
    Vulnerability Response Patch Orchestration with Microsoft SCCM application
    Security Support Common
    Security Support Orchestration
    Service Graph connector with SCCM

    Vulnerability Response patch orchestration application tables

    The Vulnerability Response Patch Orchestration application contains the following tables:

    Table Description
    Patch Update [sn_vul_patch_orch_update] Stores information about the patches that are available on distinct instances.
    Device Update [sn_vul_patch_orch_m2m_src_ci_update] Stores data about the deployed patches, along with deployment status, that are on displayed on discovered item records.
    Collection [sn_vul_patch_orch_collection] Stores collection data from distinct instances.
    Device Collection [sn_vul_patch_orch_m2m_src_ci_collection] Stores collections data about discovered items.
    Patch Deployment [sn_vul_patch_orch_deployment] Stores information about deployed patches about Collections and CIs.
    Potential Patch [sn_vul_patch_orch_m2m_vuln_patch] Stores data about patches and vulnerabilities that identify the patches that might be used to resolve a vulnerability.

    Vulnerability Response Patch Orchestration with Microsoft SCCM integrations

    The integrations developed by ServiceNow® engineering make up the orchestrated solution deployment with the Microsoft SCCM product. The following integrations are included with the Microsoft SCCM Patch Orchestration Integration application that you download from the ServiceNow® Store.

    After you install the integration application on your ServiceNow AI Platform instance, to view these integrations, navigate to Integrations > SCCM Patch Orchestration Integration > Integrations. The Vulnerability Response application processes data on scheduled time intervals imported by these integrations with Microsoft SCCM endpoints.

    Integration Description
    Microsoft SCCM Collection Integration
    • This integration is scheduled to run daily and runs first in the chained integration run.
    • Retrieves the device collections from the SCCM Collections.
    Microsoft SCCM Device Collection Integration
    • When scheduled, this integration is triggered by the completion of the SCCM Collection Integration. You can also run it on-demand.
    • This integration fetches the devices under each collection. This integration creates records in the discovered items table and Device Collection table.
    Microsoft SCCM Patch Update Integration
    • When scheduled, this integration is triggered by the completion of the SCCM Device Collection Integration. You can also run it on-demand.
    • Retrieves information from the SCCM server about the Patches that are either installed or missing on devices (assets).
    Microsoft SCCM Deployments Integration
    • When scheduled, this integration is triggered by the completion of the Patch Update Integration. You can also run it on-demand.
    • Retrieves information about the patches scheduled by the IT team in the SCCM server.