Operational Technology Vulnerability Response release notes

  • Release version: Yokohama
  • Updated January 30, 2025
  • 5 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Operational Technology Vulnerability Response Release Notes - Yokohama

    The ServiceNow® Operational Technology Vulnerability Response (OTVR) application in the Yokohama release enables customers to prioritize and manage Operational Technology (OT) vulnerabilities at the site level. This release introduces enhancements in assessment capabilities, dashboards, and workspace integrations to improve vulnerability visibility and remediation management within industrial environments.

    Show full answer Show less

    Key Features

    • Configuration via Security Exposure Management Workspace: OT Vulnerability Response can now be configured directly from the Unified Security Exposure Management (USEM) Workspace, streamlining setup and management.
    • Risk Calculator Plugin: The Operational Technology Vulnerability Response Risk Calculator plugin is accessible without requiring demo data, enabling immediate risk assessment of OT vulnerabilities.
    • Hardware Vulnerability Assessment Enhancements:
      • Assessment of firmware discovery models without normalized data.
      • Introduction of confidence scores to improve assessment accuracy.
      • Support for version range data from the National Vulnerability Database (NVD), enabling assessments without explicit Common Platform Enumeration (CPE) entries.
      • Partial assessments for discovery models missing firmware version details.
      • Automatic expiration and update of assessments when firmware versions change.
    • Industrial Workspace Integration:
      • View all OT vulnerable items, remediation tasks, and vulnerability exception approvals through dedicated lists, enhancing operational oversight.
      • Access the Hardware Vulnerability Assessment menu to automate and schedule firmware vulnerability assessments on OT assets.
      • New Vulnerability Solutions section to view remediation solutions for identified vulnerabilities.
      • Dashboard Library icon added for easy access to OT vulnerability dashboards.
    • Dashboards and UI Improvements:
      • Enhanced OTVR (PA) dashboard centralizes OT vulnerability data and visualizations for improved management.
      • OT Vulnerability Risk Rollup dashboard displays risk scores of OT devices across equipment model levels.
      • Site filter added to both OTVR (PA) and Risk Management dashboards to focus data by specific sites.
      • Improved UI for viewing vulnerable item details including state, risk rating, and associated vulnerabilities.

    Changes and Deprecations

    • Data previously shown on the OT Vulnerabilities tab in the OT Manager dashboard has moved to the enhanced OTVR (PA) dashboard.
    • Vulnerability Response Integration with Microsoft Defender for IoT (On-premises Management Console) is being deprecated; it will be hidden and unavailable for new instances but remains supported for existing customers.

    Activation and Related Applications

    Operational Technology Vulnerability Response must be requested and installed from the ServiceNow Store. It integrates with related ServiceNow applications including:

    • CMDB CI Class Models: Extends CMDB hierarchy, supporting OT asset classification.
    • Vulnerability Response: Provides prioritized OT vulnerability remediation based on process criticality.
    • Operational Technology Manager: Aggregates OT device data to build foundational relationships for industrial solutions.
    • Industrial Process Manager: Enables creation of ISA-95 Equipment Models required for the industrial solution’s equipment data foundation.

    The ServiceNow® Operational Technology Vulnerability Response application enables you to prioritize Operational Technology (OT) vulnerabilities at a site level. Operational Technology Vulnerability Response was enhanced and updated in the Yokohama release.

    Operational Technology Vulnerability Response highlights for the Yokohama release

    • Configure Operational Technology Vulnerability Response from the Security Exposure Management Workspace (SEM Workspace).
    • Access the Operational Technology Vulnerability Response Risk Calculator plugin directly without loading the demo data.
    • View all vulnerable items that have been created from the OT Vulnerable Items list in the Industrial Workspace.
    • View all remediation tasks that have been created from the OT Remediation Tasks list in the Industrial Workspace.
    • View all vulnerability exceptions that have been created from the OT Vulnerability Exception Approvals list in the Industrial Workspace.
    • Hardware Vulnerability Assessment is available for firmware discovery models without normalized data.
    • Assess the vulnerabilities for the firmware of the OT assets with Hardware Vulnerability Assessment.
    • View solutions or details of a vulnerable item (VIT) with enhanced UI options.
    • Manage your vulnerable items and Operational Technology Vulnerability Response data with the enhanced OTVR (PA) dashboard in the Industrial Workspace.
    • View the risk score of your OT devices at each level of the equipment model with the OT Vulnerability Risk Rollup dashboard.

    See Operational Technology Vulnerability Response for more information.

    Important:
    Operational Technology Vulnerability Response is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.

    New in the Yokohama release

    Configuring Operational Technology Vulnerability Response from the SEM Workspace
    Starting from Operational Technology Vulnerability Response version 30.0.x, users may be redirected to the Unified Security Exposure Management (USEM) Workspace to perform some configuration tasks. The Vulnerability Response plugin is consolidated under USEM from version 30.0.x.
    Demo data not required for Operational Technology Risk Calculator plugin
    You can directly access and use the Operational Technology Vulnerability Response Risk Calculator without loading the demo data while installing the plugin. In previous releases, the risk calculation was included as part of the demo data.
    Enhanced features for Hardware Vulnerability Assessment for OT devices
    The following enhancements are available in Hardware Vulnerability Assessment:
    • Assessments without Normalization: Ability to assess discovery models without content available for normalization.
    • Confidence Scores: New scoring mechanism for all types of assessments.
    • Version Range Support: The range information provided by the National Vulnerability Database (NVD) is used to create assessments without explicitly creating Common Platform Enumeration (CPEs) in the NVD.
    • Partial assessment for partially normalized discovery model: Creates partial assessments for discovery models without firmware version. The partial assessments are done if the other versions of the discovery model have the same publisher and model.
    • Expiring of assessments: If you update the firmware version of a CI, the corresponding normalized discovery model also updates. The assessment records based on the older firmware version expires while new assessments are generated for new firmware version.
    Hardware Vulnerability Assessment menu in the Industrial Workspace
    Automatically and periodically assess the OT device firmware vulnerabilities that are in your inventory and create vulnerable items against the impacted assets (CI).
    Vulnerability risk scores on the OT Risk Management dashboard
    View a table of vulnerability risk scores for your OT devices at each level of the equipment model with the OT Risk Management dashboard.
    Enhanced OTVR (PA) dashboard experience
    View and manage all of your OT vulnerability data and data visualizations in a centralized location with the enhanced OTVR (PA) dashboard, which is accessible on the Dashboard Library page.

    UI changes

    OT Vulnerable items list in the Industrial Workspace
    The All list was added in the OT Vulnerable Items list available in the Industrial Workspace list menu. You can use this section to view all the vulnerable items (VITs) that have been created for your OT environment. You must be assigned the user_role to view all VITs.
    OT Remediation Tasks list in the Industrial Workspace
    The All list was added in the OT Remediation Tasks list available in the Industrial Workspace list menu. You can use this section to view all the remediation tasks that have been created for the respective VITs in your OT environment. You must be assigned the user_role to view the remediation tasks.
    OT Vulnerability Exception Approvals list in the Industrial Workspace
    Use this menu to view all vulnerability exceptions that have been approved by you or assigned to you. This menu enables you to view any change of state for approvals and details of requested approvals for a given exception triggered from the Industrial Workspace.
    Dashboard Library icon
    The Dashboard Library icon (dashboard library icon) was added to the Industrial Workspace and contains the available dashboards for Operational Technology, including the OTVR (PA) dashboard.
    Site filter on the OTVR (PA) dashboard and the Risk Management dashboard
    A site filter was added to both the OTVR (PA) dashboard and the OT Risk Management dashboard in the Industrial Workspace so you can filter the displayed data by a chosen site.
    Vulnerability Solutions section in the List menu of Industrial Workspace
    A new Vulnerability Solutions section was added in the List menu (List icon) of the Industrial Workspace. In the Solutions section, you can view the solutions for the enlisted VITs.
    Overview tab for a vulnerable item
    The Overview tab in a VIT provides important information about the VIT, such as State, Risk Rating, Risk Score, Associated Vulnerability, and more.

    Changed in this release

    OT Vulnerabilities tab data
    The following data that was available in the OT Vulnerabilities tab of the OT Manager dashboard has been moved to the OTVR (PA) dashboard:
    • Total OT Vulnerable Items
    • New OT Vulnerable Items
    • OT Unassigned Vulnerable Items
    • OT Vulnerable Items by State
    • OT Vulnerable Items by Risk Rating

    Deprecations

    • The OT Vulnerabilities tab is no longer available on the OT Manager dashboard in the Industrial Workspace.
    • Starting with the Yokohama release, Vulnerability Response Integration with Microsoft Defender for IoT (On-premises Management Console) integration is being prepared for future deprecation. It will be hidden and no longer activated on new instances but will continue to be supported.

    Activation information

    Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Related ServiceNow applications and features

    CMDB CI Class Models
    The CMDB CI Class Models application adds class models that extend the CMDB class hierarchy, including class descriptions, identification rules, identifier entries, and dependent relationships.
    Vulnerability Response
    When integrated with Operational Technology Vulnerability Response, the ServiceNow Vulnerability Response application aids you with prioritizing and resolving OT vulnerabilities based on process criticality.
    Operational Technology Manager
    The ServiceNow Operational Technology Manager application enables you to aggregate OT device data from multiple sources so that you can build the foundational data relationships used in the Industrial solution.
    Industrial Process Manager
    Use the ServiceNow® Industrial Process Manager application to create the ISA-95 Equipment Model data foundation that is required for the Industrial solution, enabling you to create your own version of the equipment models in each of your industrial solution sites.