Microsoft Security Response Center Spoke

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Microsoft Security Response Center Spoke

    The Microsoft Security Response Center spoke enables integration with the Microsoft Security Response Center API within your ServiceNow instance. This integration allows you to investigate security vulnerabilities affecting Microsoft products and services, helping to manage security risks and enhance system protection.

    Show full answer Show less

    Key Features

    • API Integration: Connects to the Microsoft Security Response Center API to access security vulnerability reports.
    • Automation: Offers actions to automate tasks in ServiceNow, such as submitting abuse reports and retrieving security updates.
    • AI Agents: Includes AI agents like the Microsoft Security Response Center security manager to assist in retrieving security update details.
    • Integration Hub Requirements: Requires an Integration Hub subscription and certain dependent plugins to function correctly.

    Key Outcomes

    By utilizing the Microsoft Security Response Center spoke, you can efficiently manage and respond to security vulnerabilities, automate reporting processes, and leverage AI to enhance workflow efficiency. This integration also simplifies connection management through the use of aliases, ensuring seamless operation across multiple environments.

    Integrate the Microsoft Security Response Center API with your ServiceNow instance to investigate all reports of security vulnerabilities affecting the Microsoft products and services, and gather information to manage security risks and keep the system protected.

    Request apps on the Store

    Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Integration Hub subscription

    This spoke requires an Integration Hub subscription. For more information, see Legal schedules - IntegrationHub overview.

    Spoke version

    Microsoft Security Response Center spoke v1.3.0 is the latest version.

    Supported versions

    This spoke was built for Microsoft Security Response Center API version 2020, but may be compatible with later versions.

    Spoke dependencies

    If you’re having trouble installing the app, ensure that these dependent plugins are installed:
    • ServiceNow IntegrationHub Action Step - REST (com.glide.hub.action_step.rest)
    • Complex Object (com.glide.cobject)
    • ServiceNow IntegrationHub Runtime (com.glide.hub.integration.runtime)
    Note:
    Some of these plugins are licensable features and require appropriate licenses, if used outside the spoke implementation.

    Spoke actions

    The Microsoft Security Response Center spoke provides actions to automate tasks when events occurs in your ServiceNow instance. Available actions include:

    Category Action Description
    Abuse Management Submit Abuse Report Submits report to the Microsoft Computer Emergency Response Team using the Common Abuse Reporting system (CARS).
    Security Management Get Security Update Details Retrieves information about the specific CVRF ID.
    Look up Security Updates Retrieves the list of all Microsoft security updates.
    Look up Security Updates By Key Retrieves the list of security updates based on the provided ID, CVE, or year.

    Available AI agents

    Install Now Assist for Integration Hub and start using the available AI agents. For more information, see Now Assist for Integration Hub.

    This spoke provides standalone AI agents that mimic human-like intelligence to perform tasks in your ServiceNow instance.
    • In the ServiceNow agentic system, you can create an agentic workflow that comprises of a set of large language model (LLM) instructions along with one or more standalone AI agents to execute an objective. See Create an agentic workflow for information about adding AI agents to create agentic workflows as per your requirement and provide the required trigger.

      You can also search for other available AI agents and add them to your agentic workflow. See Find AI agents for more information.

    • You can create a clone of the required spoke AI agent and customize it as per your requirement. See Duplicate an AI agent for more information about creating a clone.
    • See Now Assist AI agents for information about AI agents.

    Available AI agent is Microsoft Security Response Center security manager. This AI agent retrieves details of the security updates based on the provided ID, CVE, or year.

    There might be AI agents installed with the Now Assist application that are not used in agentic workflows. To learn how to see all agents that are available to you, see Find AI agents.

    Note:
    Ensure that the user running an AI agent has the required roles and permissions to access data or perform operations on data in the table that is associated with the AI agent.

    Connection and credential alias requirements

    Integration Hub uses aliases to manage connection and credential information, and OAuth credentials. Using an alias eliminates the need to configure multiple credentials and connection information profiles when using multiple environments. If the connection or credential information changes, you don't need to update any actions that use the connection.

    For information about setting up the spoke, see Set up the Microsoft Security Response Center spoke.