Using Operational Technology Vulnerability Response

  • Release version: Xanadu
  • Updated January 22, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using Operational Technology Vulnerability Response

    The Operational Technology Vulnerability Response (OTVR) application, accessible via the Industrial Workspace, enables ServiceNow customers to manage and respond to vulnerabilities in operational technology (OT) environments. After completing required setup tasks, including importing vulnerable items from third-party integrations, users can track, assess, and remediate OT vulnerabilities efficiently.

    Show full answer Show less

    Key Features

    • Industrial Workspace Access: Provides a centralized landing page and menus for managing OT vulnerabilities.
    • OTVR (PA) Dashboard: Tracks the volume, performance, and progress of vulnerable items from detection to containment or remediation. Users can filter reports by assignment group, exploits, risk rating, or state to gain detailed insights into vulnerability exposure and affected services.
    • OT Vulnerability Risk Rollup Dashboard: Displays vulnerability risk scores in two tables: one for equipment model entities and another for OT devices without assigned sites.
    • List Menu: Allows viewing of all accessible OT Vulnerable Item records and remediation tasks assigned to the user or their groups. Includes views for remediation tasks, vulnerable items, and exception requests.
    • Equipment Model Manager: Facilitates viewing OT vulnerable items and creating remediation tasks linked to specific equipment model entities.
    • Hardware Vulnerability Assessment: Manages vulnerability assessments of OT device firmware, with tabs for fully matched, partially matched, ignored assessments, vulnerable items, and those awaiting normalization.
    • Remediation Task Management: Enables creation of remediation tasks for equipment model mapped OT devices, selection of start times based on equipment schedules, splitting of remediation tasks, and deferral via exception requests.
    • Compensating Controls: Supports management of alternative security measures when immediate patching of OT vulnerabilities is not feasible.

    Practical Use and Benefits

    This application empowers ServiceNow customers to maintain operational technology security by providing comprehensive tools to track and mitigate vulnerabilities. It ensures visibility into risk exposure through dashboards and list views, supports efficient remediation task management, and accommodates real-world constraints with compensating controls and exception handling. Users can expect streamlined workflows that integrate with existing IT and OT asset data, enhancing overall vulnerability management and risk reduction in industrial environments.

    After you complete all required set up tasks, including importing vulnerable items from a third-party integration, you can use the Operational Technology Vulnerability Response application from the Industrial Workspace.

    Industrial Workspace

    To use Operational Technology Vulnerability Response, access the following landing page and menus from the Industrial Workspace.

    For more information on the Industrial Workspace, see Industrial Workspace.

    OTVR (PA) dashboard in the Industrial Workspace

    Use the OTVR (PA) dashboard to track the volume, performance, and progress of your vulnerable items from the initial analysis and detection to the containment, or remediation. You can filter the reports by the assignment group, exploits, risk rating, or state to get insight into your vulnerability exposure and the services that are affected.

    For more information about the OTVR (PA) dashboard, see Operational Technology Vulnerability Response (PA) dashboard

    OT Vulnerability Risk Rollup dashboard overview

    The Operational Technology (OT) Vulnerability Risk Rollup dashboard contains two tables for your vulnerability risk scores.
    • Vulnerability risk table for your equipment model entities
    • Vulnerability risk table for OT devices with no site assigned

    List menu

    Use the List menu to view all OT Vulnerable Item records that you have access to and remediation tasks that have either been assigned to you or to an assignment group that you are a member of.
    • OT Remediation Tasks
      • Assigned to me
      • Assigned to my groups
    • OT Vulnerable Items
      • Assigned to me
      • Assigned to my groups
      • My Exception Requests
      • All Exceptions
        Note:
        The All Exceptions list also shows exceptions with a Rejected state.

    Navigate to records under the OT Remediation Tasks or OT Vulnerable Items list menus to get more OT-related context. To view the history of the record, you can view the Activity window in the record where various work notes, comments, and record updates are captured. You can also add new comments or work notes in the Compose window.

    For more information about remediation tasks, see Create a remediation task.

    For more information on how to use the List view in the Industrial Workspace for Operational Technology Vulnerability Response, see Use the List view in the IT Remediation Workspace.

    Equipment model menu

    Use the Equipment Model Manager to view OT vulnerable items, and view and create remediation tasks associated with OT devices that are mapped to an equipment model entity.

    Hardware Vulnerability Assessment

    Use the Hardware Vulnerability Assessment menu to view and manage the vulnerabilities assessments that have performed on the firmwares of the OT devices in the inventory.

    Use the following tabs in the Hardware Vulnerability Assessment menu to view all the assessments records and the vulnerable items that are created automatically:
    • Fully matched assessments
    • Partially matched assessments
    • Vulnerable items
    • Ignored assessments
    • Awaiting Normalization