Understanding the Red Hat Solution Integration

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Understanding the Red Hat Solution Integration

    The Red Hat Solution Integration in ServiceNow’s Vulnerability Response application enables customers to review and implement remediation solutions for security vulnerabilities affecting Red Hat products and services. This integration is part of the Vulnerability Solution Management feature, which requires a separate subscription. It helps customers manage security risks by importing remediation solutions directly from Red Hat.

    Show full answer Show less

    Key Features

    • Data Format Support: Starting with Vulnerability Response version 21.0, Red Hat transmits vulnerability payloads in the Common Security Advisory Framework (CSAF) format, an XML-based standard, replacing the older Common Vulnerability Reporting Framework (CVRF) format. The integration includes a CSAF parser to interpret this new format and populate relevant tables accordingly.
    • Integration Script Configuration: Customers can customize the integration script to specify whether to expect CSAF or CVRF payloads, ensuring compatibility with their data format.
    • Scheduled Job Automation: The integration runs as a scheduled job that automatically synchronizes remediation data between the ServiceNow instance and Red Hat’s vulnerability management systems. The job can also be run manually if needed. The configured run-as user for this job is VR.System, and it is recommended not to change this setting.
    • Integration Access and Management: The integration is accessible via Vulnerability Response > Administration > Integrations. It retrieves solutions along with National Vulnerability Database (NVD) mappings to associate solutions with vulnerabilities, vulnerable items, and remediation tasks.
    • Role-Based Access: Management of the integration requires the snvul.configurerhsaintegration role. ServiceNow provides persona and granular roles for controlling user access and capabilities within Vulnerability Response.

    Key Outcomes

    • Customers receive up-to-date remediation information from Red Hat in a structured format, facilitating efficient vulnerability management.
    • Automation through scheduled jobs reduces manual synchronization efforts and keeps vulnerability data current.
    • Role-based controls ensure secure and appropriate access to integration configuration and remediation data.
    • Support for the latest CSAF format ensures compatibility with Red Hat’s current vulnerability advisories, enhancing the accuracy and usability of remediation solutions.

    You can review and implement proposed remediation solutions provided by the Red Hat Solution Integration in the Vulnerability Response application.

    Red Hat Solution Integration is included in the Vulnerability Solution Management feature of Vulnerability Response, available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.

    Red Hat Solution Integration investigates reports of security vulnerabilities affecting Red Hat products and services, and provides solution information to help manage security risks. Solutions known as remediations are imported into your Red Hat Solution Integration from Red Hat.

    Starting from version 21.0 of Vulnerability Response, Red Hat transmits payloads in the Common Security Advisory Framework (CSAF) format rather than the Common Vulnerability Reporting Framework (CVRF) format. CSAF, an XML-based standard, differs in both structure and format from CVRF. To accommodate this change, a new CSAF parser has been developed. This parser interprets the CSAF format, extracting the required fields to populate the tables accordingly.
    Note:
    By default, you will receive the payload in the CSAF format.
    The following extracts show the integration script for parsing the payload received from Red Hat in the CSAF and CVRF formats respectively. 
    /** « This function serves to construct the integration script.

*	The integration process record (integrationProcessGr) is provided in the event

*	The function should return the newly constructed script. */
(function(integrationProcessGr){

// Add any logic here to construct your integration script as necessary.

// Pass true if CSAF payload is expected. Pass false if CVRF payload is expected
return new sn_vul.RedHatSolutionIntegration(true);
})(integrationProcessGr);

    /** « This function serves to construct the integration script.

*	The integration process record (integrationProcessGr) is provided in the event

*	The function should return the newly constructed script. */
(function(integrationProcessGr){

// Add any logic here to construct your integration script as necessary.

// Pass true if CSAF payload is expected. Pass false if CVRF payload is expected
return new sn_vul.RedHatSolutionIntegration(false);
})(integrationProcessGr);

    Red Hat Solution Integration contains entry points to the Red Hat product, invoked as a scheduled job. The scheduled job simplifies the vulnerability remediation life cycle by keeping the instance synchronized with other vulnerability management systems. It runs automatically. You can also execute the scheduled job manually.

    There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.

    Available versions

    For the most current version of Vulnerability Solution Management and Red Hat solutions, verify you have the most current version of Vulnerability Response installed.

    For more information about installing and configuring Vulnerability Solution Management and solution integrations, see Install the Solution Management for Vulnerability Response application and Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant.

    Release version of Vulnerability Response Version of Vulnerability Solution Management Release Notes

    Vulnerability Response v15.0

    		 v10.3

    For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes

    Roles

    Red Hat Solution Integration tasks involve the following role: sn_vul.configure_rhsa_integration

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    Red Hat Solution Integration

    To view the Red Hat Solution Integration, navigate to Vulnerability Response > Administration > Integrations.

    The following integration is included in the base system.

    Table 1. Red Hat integration
    Integration Description
    Red Hat Solution Integration

    Retrieves solutions and National Vulnerability Database (NVD) mapping to associate solutions with vulnerabilities, vulnerable items, and remediation tasks.

    Solutions

    To view imported solutions in a list, see View a solution.