Microsoft Security Response Center Solution Integration

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Microsoft Security Response Center Solution Integration

    The Microsoft Security Response Center (MSRC) Solution Integration is part of the Vulnerability Solution Management feature within the Vulnerability Response application, which requires a separate subscription. This integration enables ServiceNow customers to review and implement remediation solutions provided by the MSRC for security vulnerabilities affecting Microsoft products and services.

    Show full answer Show less

    MSRC investigates security vulnerabilities and delivers known remediation solutions that are imported into ServiceNow through this integration. Scheduled jobs run automatically to synchronize vulnerability remediation data between Microsoft Security Response Center and your ServiceNow instance, streamlining the vulnerability lifecycle management.

    Key Features

    • Automated synchronization: Scheduled jobs keep your vulnerability remediation data up-to-date by importing solutions from MSRC and mapping them to vulnerabilities, vulnerable items, and remediation tasks.
    • Manual job execution: You can manually trigger individual scheduled jobs if needed for immediate synchronization.
    • Role-based access: Multiple roles including vulnerability administrators, remediation owners, and configuration roles control access and actions within the integration, ensuring secure and appropriate management.
    • Integration visibility: Access and manage the MSRC integration via the Vulnerability Response > Administration > Integrations module.
    • Solution visibility: Imported remediation solutions are viewable in lists within the application, facilitating review and action.

    Important Details

    • The integration does not provide solutions for vulnerabilities identified before 2016.
    • The run-as user for the integration is preconfigured as VR.System and should not be changed.
    • Ensure your Vulnerability Response and Vulnerability Solution Management applications are updated to the latest versions to access current MSRC solutions.
    • For installation and configuration, use the Setup Assistant to assign appropriate persona and granular roles and to configure the integration.

    Practical Benefits for ServiceNow Customers

    This integration empowers your security and IT teams to efficiently manage Microsoft vulnerability remediations by automating the import of trusted MSRC solutions directly into your ServiceNow environment. It reduces manual effort in tracking and applying fixes, aligns remediation tasks with vulnerability records, and helps maintain a synchronized, comprehensive vulnerability management process tailored to Microsoft product ecosystems.

    Review and implement proposed remediation solutions provided by the Microsoft Security Response Center Solution Integration.

    Microsoft Security Response Center Solution Integration is included in the Vulnerability Solution Management feature of Vulnerability Response, available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.

    Microsoft Security Response Center investigates reports of security vulnerabilities affecting Microsoft products and services, and provides solution information to help manage security risks. Solutions are known remediations imported into your Microsoft Security Response Center Solution Integration from the Microsoft Security Response Center product.

    The Microsoft Security Response Center Solution Integration contains entry points to Microsoft Security Response Center product, invoked as scheduled jobs. Scheduled jobs simplify the vulnerability remediation lifecycle by keeping the instance synchronized with other vulnerability management systems. Scheduled jobs run automatically and in the order specified. You can also execute individual scheduled jobs manually.

    There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.

    Available versions

    For the most current version of Vulnerability Solution Management and Microsoft Security Response Center solutions, verify you have the most current version of Vulnerability Response installed.

    For more information about installing and configuring Vulnerability Solution Management and solution integrations, see Install the Solution Management for Vulnerability Response application and Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant.

    Release version of Vulnerability Response Version of Vulnerability Solution Management Release Notes

    Vulnerability Response v15.0

    		 v10.3

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Roles

    Microsoft Security Response Center Solution Integration tasks involve the following roles.
    • sn_vul.vulnerability_admin or sn_vul.admin (deprecated): Can read, write, and delete records.
    • sn_vul.vulnerability_write: Can read and write records.
    • sn_vul.vulnerability.read: Can read records.
    • sn_vul.remediation_owner: Can read and write internal notes on records assigned to the remediation specialist group or individual. (Contained in the itil role.)
    • sn_vul.configure_msrc_integration
    • sn_vul.access_setup_assistant
    • sn_vul.access_setup_assistant
    • sn_vul.vulnerability_admin

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    Microsoft Security Response Center Solution Integration

    To view the Microsoft Security Response Center Solution Integration, navigate to All > Vulnerability Response > Administration > Integrations.

    The following integration is included in the base system.

    Table 1. Microsoft Security Response Center Solution Integration
    Integration Description
    Microsoft Security Response Center Solution Integration
    Retrieves solutions and National Vulnerability Database (NVD) mapping to associate solutions with vulnerabilities, vulnerable items, and remediation tasks.
    Note:
    The Microsoft Security Response Center Solution Integration does not provide solutions prior to 2016.

    Solutions

    To view imported solutions in a list, see View a solution.