Patch orchestration with the Vulnerability Response Workspaces

  • Release version: Xanadu
  • Updated August 1, 2024

    You can manage patches and patch deployments for critical vulnerabilities for large groups of your assets with Patch orchestration with Vulnerability Response.

    Patch orchestration in the Workspaces

    Patch orchestration with the Vulnerability Response application uses scheduled imports from third-party solution integrations, patch vendors, and vulnerability scanners.

    Patch orchestration with the Vulnerability Response application is supported in both the classic environment and the Vulnerability Response workspaces. Correlated data is rolled up and displayed in both the workspaces and the classic environment. For an overview of the features, requirements, and other information about patch orchestration in the classic environment, see Patch orchestration with Vulnerability Response.

    Available versions of applications and dependencies required for the patch orchestration integration

    To view patch orchestration data and available updates (patches) in the workspaces in Vulnerability Response, the following applications are required. All applications listed are available in the ServiceNow® Store. Some applications require separate subscriptions. See Patch orchestration with Vulnerability Response.

    Roles required

    In addition to the sn_vul.vulnerability_analyst or sn_vul.vulnerability_admin roles required for the Vulnerability Response Workspaces, users need roles that are specific to the patch orchestration integrations you are using to view data and schedule patches. See the following supported integrations for more information about these roles.

    See Understanding the HCL BigFix patch orchestration integration with Vulnerability Response and Understanding the Vulnerability Response patch orchestration integration with Microsoft SCCM.

    Patch data in the Vulnerability Response Workspaces

    In the IT Remediation Workspace, you can view patch data:

    • On the Home view, click scorecards to view records for Preferred solutions on VIs, Vulnerable CIs, and Preferred Patches on VIs.
    • On the List view, view all the Patch Update records (VPUs) and the vulnerable items that are assigned to you that have patches from the available links.

    You can schedule patches from the following records:

    • Patch Update (VPU)
    • Remediation task (RT)
    • Discovered Item (SDI)

    In the Vulnerability Manager Workspace, you can view patches:

    • From the Home view on watch topics on the Vulnerable Items tab, you can view preferred and potential patches, Patch scheduled dates, and other information.
    • From the List view on remediation effort records, you can view patch data on VIT records on the Vulnerable Items tab.