Configuring Operational Technology Vulnerability Response
Summarize
Summary of Configuring Operational Technology Vulnerability Response
The Operational Technology (OT) Vulnerability Response application in ServiceNow enables customers to manage and remediate vulnerabilities specific to OT environments. This involves configuring assignment rules, remediation targets, risk calculators, and integrations to create and manage vulnerable item records effectively. The application is integrated into ServiceNow's Unified Security Exposure Management (USEM) platform from version 30.0.x onward, providing centralized security exposure visibility and streamlined remediation workflows.
Show less
Key Configuration Steps
- Installation: Install the OT Vulnerability Response application from the ServiceNow Store, including demo data and related store applications/plugins.
- Role Assignment: Assign relevant roles, including those for OT Vulnerability Remediation Owners, to control user access and capabilities within the application.
- Site and User Management: Create assignment groups corresponding to each OT site from the Equipment Model Manager. Assign users with the cmdbotisaviewer or cmdbotisaeditor roles to sites and their respective assignment groups to restrict visibility of vulnerability items to relevant locations.
- Vulnerable Item Grouping: Configure OT vulnerability assignment rules to assign vulnerable items to appropriate site-level or classification-based groups.
- Remediation Targets: Set remediation target rules that define expected timeframes for addressing OT vulnerabilities.
- Risk Calculations: Configure OT risk calculators to define risk factors for vulnerable items and use the OT vulnerability risk rollup calculator to aggregate risk scores across equipment model hierarchies.
- Integrations: Install certified third-party integrations to enhance OT vulnerability management capabilities.
Key Outcomes
- Controlled Access: Role and group-based configurations ensure users see and act only on relevant OT vulnerability data tied to their sites.
- Efficient Vulnerability Management: Automated assignment and remediation target rules streamline tracking and addressing OT vulnerabilities.
- Comprehensive Risk Assessment: Risk calculators provide a detailed and hierarchical risk view of OT devices, enabling prioritized remediation.
- Enhanced Functionality via Integrations: Certified third-party integrations extend OT vulnerability management capabilities within the ServiceNow ecosystem.
- Unified Security Exposure Visibility: From version 30.0.x, configuration and management transition to the Security Exposure Management Workspace under USEM for a consolidated security posture.
Additional Guidance
For streamlined setup, users with the snvul.vulnerabilityadmin role can utilize the Industrial Guided Setup accessible via Industrial Workspace Admin > Guided Setup. Customers migrating from earlier versions should use the USEM Migration Assistance Tool to transition smoothly to the consolidated platform.
Configure Operational Technology (OT) assignment rules, remediation targets, risk calculators, and risk rollup calculation then configure integrations to create vulnerable item records.
If you have the sn_vul.vulnerability_admin role, you can use the Industrial Guided Setup to lead you through the setup of the Operational Technology Vulnerability Response application.
To access the Guided Setup, navigate to .
| Task | Purpose |
|---|---|
| 1. Install Operational Technology Vulnerability Response from the ServiceNow Store. | Install the Operational Technology Vulnerability Response application. |
| 2. Assign roles to admin users or user groups, if needed. | Assigns roles to control the actions that are available for each user. |
| 3. Assign roles for the OT Vulnerability Remediation Owner. | Assigns roles to control the actions that are available for the OT Vulnerability Remediation Owner. |
4. Create assignment groups and assign users to sites and groups.
|
|
| 5. Configure OT remediation target rules. |
|
| 6. Load the demo data records for the Operational Technology Vulnerability Response application. | Calculates the remediation target for OT vulnerable items. |
| 7. Configure OT risk calculators. | Determines which OT risk factors to use when calculating the risk of a vulnerable item on an OT device. |
| 8. Configure OT risk roll up calculator. | Calculates the risk score of the OT devices at each level for the equipment model entity. |
| 9. Install Operational Technology Certified integrations for the Operational Technology Vulnerability Response application that are applicable to your environment. | Integrates certified third-party applications that enhance functionality of OT vulnerability management. |
Vulnerability Response apps are consolidated under Unified Security Exposure Management (USEM) from version 30.0.x. Due to this upgrade, starting from Operational Technology Vulnerability Response version 30.0.x, users are redirected to the Security Exposure Management Workspace (SEM Workspace) to perform some configuration tasks.
If you haven't installed Operational Technology Vulnerability Response version 30.0.x, you can use the USEM Migration Assistance Tool to migrate to the USEM platform, ensuring a smooth and secure transition. For more information, see Migrating from Vulnerability Response to Unified Security Exposure Management (USEM).
The SEM Workspace is part of ServiceNow’s next-generation platform, USEM. USEM consolidates multiple security exposure applications—Vulnerability Response (VR), Application Vulnerability Response (AVR), Container Vulnerability Response (CVR), and Configuration Compliance (CC)—into a unified architecture. It provides a single source of truth for security exposure, enabling real-time visibility, streamlined workflows, and automated remediation through the SEM Workspace. For more information about installing USEM, see Install Unified Security Exposure Management.