Configuring Operational Technology Vulnerability Response

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configuring Operational Technology Vulnerability Response

    The Operational Technology Vulnerability Response application allows users to configure assignment rules, remediation targets, and risk calculators for effective management of vulnerabilities in OT environments. The guided setup simplifies the process for users with the appropriate roles.

    Show full answer Show less

    Key Features

    • Installation: Requires admin role to install the application, which includes demo data and necessary plugins.
    • Role Assignment: Control user access by assigning roles, including for the OT Vulnerability Remediation Owner and site-specific users.
    • Site Assignment Groups: Create groups for each site to allow users to view only relevant vulnerable items.
    • Remediation Target Rules: Define expected timeframes for addressing vulnerabilities based on site or classification.
    • Risk Calculators: Configure tools to assess risk factors for OT devices and roll up risk scores to higher-level equipment models.
    • Integrations: Install certified integrations to enhance OT vulnerability management functionalities.

    Key Outcomes

    By configuring the Operational Technology Vulnerability Response, customers can effectively manage vulnerabilities, streamline remediation efforts, and ensure that users have access to pertinent information based on their site assignments. This setup enables real-time visibility and a consolidated approach to security exposure management through the SEM Workspace.

    Configure Operational Technology (OT) assignment rules, remediation targets, risk calculators, and risk rollup calculation then configure integrations to create vulnerable item records.

    Note:

    If you have the sn_vul.vulnerability_admin role, you can use the Industrial Guided Setup to lead you through the setup of the Operational Technology Vulnerability Response application.

    To access the Guided Setup, navigate to Industrial Workspace Admin > Guided Setup.

    Task Purpose
    1. Install Operational Technology Vulnerability Response from the ServiceNow Store. Install the Operational Technology Vulnerability Response application.
    2. Assign roles to admin users  or user groups, if needed. Assigns roles to control the actions that are available for each user.
    3. Assign roles for the OT Vulnerability Remediation Owner. Assigns roles to control the actions that are available for the OT Vulnerability Remediation Owner.
    4. Create assignment groups and assign users to sites and groups.
    1. Create an Operational Technology Vulnerability Response site assignment group for each site that you have in the Equipment Model Manager.
    2. Assign users who already have either the cmdb_ot_isa_viewer or cmdb_ot_isa_editor role to sites.
    3. Add users to the assignment group for their site.
    • Allows OT Remediation Owner users to see only vulnerable Items for their site.
    • Allows users to see the Vulnerability Items for the sites they're assigned to.
    5. Configure OT remediation target rules.
    • Assigns OT vulnerable items to site-level groups, or groups based on classification.
    • Defines the expected timeframe for remediating vulnerable items.
    6. Load the demo data records for the Operational Technology Vulnerability Response application. Calculates the remediation target for OT vulnerable items.
    7. Configure OT risk calculators. Determines which OT risk factors to use when calculating the risk of a vulnerable item on an OT device.
    8. Configure OT risk roll up calculator. Calculates the risk score of the OT devices at each level for the equipment model entity.
    9. Install Operational Technology Certified integrations for the Operational Technology Vulnerability Response application that are applicable to your environment. Integrates certified third-party applications that enhance functionality of OT vulnerability management.

    In tasks 5,7, and 8, the guided setup redirects you to the Security Exposure Management Workspace (SEM Workspace). The SEM Workspace is part of ServiceNow’s next-generation platform, Unified Security Exposure Management (USEM). USEM consolidates multiple security exposure applications—Vulnerability Response (VR), Application Vulnerability Response (AVR), Container Vulnerability Response (CVR), and Configuration Compliance (CC)—into a unified architecture. It provides a single source of truth for security exposure, enabling real-time visibility, streamlined workflows, and automated remediation through the SEM Workspace. The SEM Workspace is available for Security Operations Vulnerability Response from version 30.0.0.

    As Vulnerability Response is now consolidated under USEM, starting from Operational Technology Vulnerability Response version 2.0.0, users may be redirected to the SEM Workspace to perform some configuration tasks.