For more information about installing and activating the Vulnerability Response application, see, Install Vulnerability Response. This integration requires version 16.1 of Vulnerability Response or later.

If not already installed, get entitlements and install and third-party scanner application to import vulnerability data.

See Vulnerability Response integrations for more information about third-party scanners supported by Vulnerability Response.

See .

If not already installed, get entitlements and download the Vulnerability Response Patch Orchestration with Microsoft SCCM application to your ServiceNow AI Platform® instance.

Obtain Microsoft SCCM credentials.

Verify you have any account names, passwords, and other service information required by your Microsoft products so that you have access to them.

Verify that you have groups or users to manage the integrations and remediate vulnerable items.

admin

The system admin gets entitlements, downloads, and installs the Microsoft SCCM Patch Orchestration application and the other applications required for the integration. If not assigned, the admin assigns the vulnerability admin (sn_vul.vulnerability_admin) and other roles in the Setup Assistant in Vulnerability Response or from the User Administration module.

sn_vul.vulnerability_admin

Once assigned, the vulnerability admin completes the configuration of the Microsoft SCCM integrations and the other third-party applications. This role has complete access to the Vulnerability Response (VR) application and its records. This role configures all VR applications, rules, third-party integrations, Vulnerability Response Patch Orchestration and Vulnerability Solution Management applications.

sn_vul_sccm.configure_integration

Users with this role configure the Microsoft SCCM Patch Orchestration Integration application. This role contains the sn_vul_sccm.read_integration and connection_admin granular roles that permit the user to connect to the SCCM console and configure the integration instances in your ServiceNow AI Platform.

sn_vul_sccm.read_integration

Users with this role can view (read only) the  records of the Vulnerability Response and the Microsoft SCCM Patch Orchestration Integration application and patch orchestration data.

sn_vul_patch_orch.configure_patch

Users with this role can configure and apply patches. Patches requested by this user from Vulnerable item and Patch Update records are sent for approval if change management is active and approvers are assigned.

sn_vul_patch_orch.read_patch

Users with this role can view (read only) patch information on records. This role is inherited with the sn_vul.remediation_owner and sn_vuln.vulnerability_analyst roles that are required for the IT Remediation and Vulnerability Manager Workspaces.

Approvers

Users assigned to the Approver level 1 and, optionally, Approver level 2, approver groups approve submitted patch requests. By default, patches are submitted to the Approver level 1 group for approval prior to deployment.

For more information about the approval process, see Configure the Vulnerability Response Patch Orchestration with Microsoft SCCM integration. For more information about setting up approvers and groups, see Assign the Vulnerability Response persona roles using Setup Assistant.

The system admin performs the initial assignment of roles to users and groups for the integration. By default, the Vulnerability Response group is available. If not already created, you may prefer to create additional groups for remediation specialist and vulnerability analyst roles and add users with the User Administration module in your instance. See Create a user group.