Operational Technology Vulnerability Response release notes
Summarize
Summarized using AI
This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.
Summary of Operational Technology Vulnerability Response release notes
The ServiceNow Operational Technology Vulnerability Response (OTVR) application in the Zurich release helps you prioritize and manage Operational Technology (OT) vulnerabilities at a site level. It integrates with other ServiceNow Industrial and Security applications to provide comprehensive visibility and remediation capabilities for OT vulnerabilities.
Show less
Key Features
- Configuration via SEM Workspace: Starting with version 30.0.x, configuration tasks for OTVR are performed within the Unified Security Exposure Management (USEM) Workspace, streamlining management by consolidating the Vulnerability Response plugin under USEM.
- Risk Calculator without Demo Data: The Operational Technology Vulnerability Response Risk Calculator plugin can now be accessed and used directly without installing demo data, simplifying deployment and usage.
- Enhanced Hardware Vulnerability Assessment:
- Supports assessments for discovery models without normalized data.
- Introduces confidence scores for all assessment types.
- Uses National Vulnerability Database version ranges to create assessments without requiring explicit Common Platform Enumeration (CPE) entries.
- Allows partial assessments for partially normalized models based on publisher and model matching.
- Automatically expires old assessments and generates new ones when firmware versions are updated.
- Vulnerability Risk Scores Dashboard: Provides a table of vulnerability risk scores for OT devices across equipment model levels within the OT Risk Management dashboard.
- Industrial Workspace Enhancements:
- New "All" lists in OT Vulnerable Items, OT Remediation Tasks, and OT Vulnerability Exception Approvals menus enable comprehensive viewing of all related records, provided the user has appropriate roles.
- These lists facilitate tracking of vulnerable items, remediation tasks, and exception approvals directly within the Industrial Workspace.
- Accessibility and UI Improvements: The new Coral theme (default for portals and mobile) offers a fresh, brand-neutral interface with an optional dark mode to improve readability and reduce eye strain.
Activation and Integration
To activate Operational Technology Vulnerability Response, you must request the application from the ServiceNow Store. It integrates with key ServiceNow applications including:
- CMDB CI Class Models: Automatically installs OT extension classes to support asset modeling.
- Vulnerability Response: Enhances prioritization and remediation of OT vulnerabilities based on process criticality.
- Operational Technology Manager: Aggregates OT device data from multiple sources to build foundational data relationships.
- Industrial Process Manager: Creates ISA-95 Equipment Model data foundations essential for industrial site equipment modeling.
Practical Benefits for ServiceNow Customers
With these Zurich release enhancements, ServiceNow customers can expect streamlined configuration within the SEM Workspace, improved vulnerability assessment accuracy—especially for hardware and firmware—and enhanced visibility and tracking of OT vulnerabilities and remediation efforts through the Industrial Workspace. The application’s integration with core ServiceNow Industrial and Security modules ensures a unified approach to managing OT security risks, enabling prioritization based on operational impact and facilitating timely remediation.
The ServiceNow® Operational Technology Vulnerability Response (OTVR) application enables you to prioritize Operational Technology (OT) vulnerabilities at a site level. Operational Technology Vulnerability Response was enhanced and updated in the Zurich release.
Operational Technology Vulnerability Response highlights for the Zurich release
- Configure Operational Technology Vulnerability Response from the Security Exposure Management Workspace (SEM Workspace).
- Access the Operational Technology Vulnerability Response Risk Calculator plugin directly without loading the demo data.
- View all vulnerable items that have been created from the OT Vulnerable Items list in the Industrial Workspace.
- View all remediation tasks that have been created from the OT Remediation Tasks list in the Industrial Workspace.
- View all vulnerability exceptions that have been created from the OT Vulnerability Exception Approvals list in the Industrial Workspace.
- Hardware Vulnerability Assessment is available for firmware discovery models without normalized data.
Important:
Operational Technology Vulnerability Response is available in the ServiceNow Store. For details, see the "Activation information" section of these release notes.
New in the Zurich release
- Configuring Operational Technology Vulnerability Response from the SEM Workspace
- Starting from Operational Technology Vulnerability Response version 30.0.x, users may be redirected to the Unified Security Exposure Management (USEM) Workspace to perform some configuration tasks. The Vulnerability Response plugin is consolidated under USEM from version 30.0.x.
- Demo data not required for Operational Technology Risk Calculator plugin
- You can directly access and use the Operational Technology Vulnerability Response Risk Calculator without loading the demo data while installing the plugin. In previous releases, the risk calculation was included as part of the demo data.
- Enhanced features for Hardware Vulnerability Assessment for OT devices
- The following enhancements are available in Hardware Vulnerability Assessment:
- Assessments without Normalization: Ability to assess discovery models without content available for normalization.
- Confidence Scores: New scoring mechanism for all types of assessments.
- Version Range Support: The range information provided by the National Vulnerability Database (NVD) is used to create assessments without explicitly creating Common Platform Enumeration (CPEs) in the NVD.
- Partial assessment for partially normalized discovery model: Creates partial assessments for discovery models without firmware version. The partial assessments are done if the other versions of the discovery model have the same publisher and model.
- Expiring of assessments: If you update the firmware version of a CI, the corresponding normalized discovery model also updates. The assessment records based on the older firmware version expires while new assessments are generated for new firmware version.
- Vulnerability risk scores on the OT Risk Management dashboard
- View a table of vulnerability risk scores for your OT devices at each level of the equipment model with the OT Risk Management dashboard.
UI changes
- OT Vulnerable items list in the Industrial Workspace
- The All list was added in the OT Vulnerable Items list available in the Industrial Workspace list menu. You can use this section to view all the vulnerable items (VITs) that have been created for your OT environment. You must be assigned the user_role to view all VITs.
- OT Remediation Tasks list in the Industrial Workspace
- The All list was added in the OT Remediation Tasks list available in the Industrial Workspace list menu. You can use this section to view all the remediation tasks that have been created for the respective VITs in your OT environment. You must be assigned the user_role to view the remediation tasks.
- OT Vulnerability Exception Approvals list in the Industrial Workspace
- Use this menu to view all vulnerability exceptions that have been approved by you or assigned to you. This menu enables you to view any change of state for approvals and details of requested approvals for a given exception triggered from the Industrial Workspace.
Activation information
Install Operational Technology Vulnerability Response by requesting it from the ServiceNow Store. Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Accessibility information
- Coral theme
- Coral is now the default theme for new portal, web, and mobile experiences with Next Experience or Core UI enabled. This theme provides a fresh look and feel, featuring brand-neutral illustrations to enhance your user experience. A dark theme option is available for web and mobile experiences.
- Dark theme
- The new Coral theme includes a dark theme option for web and mobile experiences. This option is commonly used to alleviate eye strain and improve readability.