Patch orchestration with the Vulnerability Response Workspaces
Summary of Patch orchestration with the Vulnerability Response Workspaces
Patch orchestration with the Vulnerability Response Workspaces enables you to efficiently manage patches and patch deployments for critical vulnerabilities across large asset groups. This functionality integrates scheduled imports from third-party patch vendors, vulnerability scanners, and solution integrations, providing a consolidated view of patch data within both the classic environment and the Vulnerability Response workspaces.
Key Features
- Integration Support: Supports integrations with major patch vendors such as HCL BigFix and Microsoft SCCM, allowing seamless scheduling and deployment of patches directly from the workspace.
- Data Correlation and Display: Vulnerability and patch data from various sources are correlated and presented cohesively in both the classic Vulnerability Response environment and the modern workspaces.
- Comprehensive Patch Scheduling: Users can schedule patches from multiple record types including Patch Update (VPU), Remediation Task (RT), and Discovered Item (SDI) within the workspaces.
- Workspace Views:
  - In the IT Remediation Workspace: View scorecards for preferred solutions on Vulnerable Items (VIs), see all Patch Update records, and manage assigned patches.
  - In the Vulnerability Manager Workspace: Monitor preferred and potential patches, scheduled patch dates, and related patch data on vulnerable items and remediation efforts.
- Required Applications and Roles: Specific ServiceNow applications from the ServiceNow Store are necessary for patch orchestration functionality. Additionally, users must have roles like sn_vul.vulnerability_analyst or sn_vul.vulnerability_admin, plus roles specific to the patch orchestration integrations used (e.g., for BigFix or SCCM).
Practical Benefits for ServiceNow Customers
- Enables centralized and streamlined patch management for critical vulnerabilities, reducing manual effort and improving remediation speed.
- Provides visibility into patch status and scheduling directly within Vulnerability Response workspaces, facilitating better prioritization and tracking.
- Supports enterprise-scale integrations with leading patch management tools, ensuring compatibility with existing IT infrastructure.
- Empowers vulnerability analysts and administrators with role-based access to patch orchestration features tailored to their responsibilities.
You can manage patches and patch deployments for critical vulnerabilities for large groups of your assets with Patch orchestration with Vulnerability Response.
Patch orchestration in the Workspaces
Patch orchestration with the Vulnerability Response application uses scheduled imports from third-party solution integrations, patch vendors, and vulnerability scanners.
Patch orchestration with the Vulnerability Response application is supported in both the classic environment and the Vulnerability Response workspaces. Correlated data is rolled up and displayed in both the workspaces and the classic environment. For an overview of the features, requirements, and information about patch orchestration in the classic environment, see Patch orchestration with Vulnerability Response.
- For more information about the supported integrations with patch vendors, see Understanding the HCL BigFix patch orchestration integration with Vulnerability Response and Understanding the Vulnerability Response patch orchestration integration with Microsoft SCCM.
- For information about how to schedule patches from records in the workspaces, see Schedule patches with the Microsoft SCCM integration with Vulnerability Response and Schedule patches with the Vulnerability Response patch orchestration integration HCL BigFix.
Available versions of applications and dependencies required for the patch orchestration integration
To view patch orchestration data and available updates (patches) in the workspaces in Vulnerability Response, the following applications are required. All applications listed are available in the ServiceNow® Store. Some applications require separate subscriptions. See Patch orchestration with Vulnerability Response.
Roles required
In addition to the sn_vul.vulnerability_analyst or sn_vul.vulnerability_admin roles required for the Vulnerability Response Workspaces, users need roles that are specific to the patch orchestration integrations you are using to view data and schedule patches. See the following supported integrations for more information about these roles.
See Understanding the HCL BigFix patch orchestration integration with Vulnerability Response and Understanding the Vulnerability Response patch orchestration integration with Microsoft SCCM.
Patch data in the Vulnerability Response Workspaces
In the IT Remediation Workspace, you can view patch data:
- On the Home view, click scorecards to view records for Preferred solutions on VIs, Vulnerable CIs, and Preferred Patches on VIs.
- On the List view, view all the Patch Update records (VPUs) and the vulnerable items that are assigned to you that have patches from the available links.
You can schedule patches from the following records:
- Patch Update (VPU)
- Remediation task (RT)
- Discovered Item (SDI)
In the Vulnerability Manager Workspace, you can view patches:
- From the Home view on watch topics on the Vulnerable Items tab, you can view preferred and potential patches, Patch scheduled dates, and other information.
- From the List view on remediation effort records, you can view patch data on VIT records on the Vulnerable Items tab.