Using Operational Technology Vulnerability Response

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Using Operational Technology Vulnerability Response

    The Operational Technology Vulnerability Response (OTVR) application allows users to manage and respond to vulnerabilities in operational technology environments. Accessible through the Industrial Workspace, it provides tools for tracking vulnerable items, managing remediation tasks, and viewing essential data related to vulnerabilities.

    Show full answer Show less

    Key Features

    • OT Vulnerabilities Tab: View summaries of new vulnerabilities, risk scores, and unaddressed items over the last week.
    • OTVR (PA) Dashboard: Track the performance and progress of vulnerable items, with filtering options for detailed insights.
    • List Menu: Access all OT Vulnerable Item records and remediation tasks assigned to you or your group, including the ability to view item history and add comments.
    • Equipment Model Menu: Manage OT vulnerable items and create remediation tasks linked to specific equipment models.
    • Remediation Task Management: Create, defer, or split remediation tasks, and view preferred solutions for vulnerabilities.
    • Compensating Controls: Configure necessary controls for enhanced operational technology security.

    Key Outcomes

    By utilizing the OTVR application, ServiceNow customers can effectively monitor and manage vulnerabilities, streamline remediation tasks, and enhance the security posture of their operational technology assets. The application supports better decision-making through data-driven insights and facilitates compliance with security standards by addressing vulnerabilities promptly.

    After you complete all required set up tasks, including importing vulnerable items from a third-party integration, you can use the Operational Technology Vulnerability Response application from the Industrial Workspace.

    Industrial Workspace

    To use Operational Technology Vulnerability Response, access the following landing page and menus from the Industrial Workspace.

    For more information on the Industrial Workspace, see Industrial Workspace.

    OT Vulnerabilities tab in the OT Manager dashboard

    Use the OT Vulnerabilities tab in the Industrial Workspace's OT Manager dashboard to view the following data:
    • Summary of new OT vulnerable items created in the last 7 days.
    • Summary of OT vulnerable items by risk score and by state.
    • Any vulnerable items that are unaddressed (OT vulnerable items that have not yet been assigned and are in an open state).
    • Summary of risk score of the OT devices at each level of the equipment model and list of the vulnerable items.
    For more information about the OT Vulnerabilities tab, see Operational Technology Manager dashboard.

    OTVR (PA) dashboard in the Industrial Workspace

    Use the OTVR (PA) dashboard to track the volume, performance, and progress of your vulnerable items from the initial analysis and detection to the containment, or remediation. You can filter the reports by the assignment group, exploits, risk rating, or state to get insight into your vulnerability exposure and the services that are affected.

    For more information about the OTVR (PA) dashboard, see Operational Technology Vulnerability Response (PA) dashboard

    List menu

    Use the List menu to view all OT Vulnerable Item records that you have access to and remediation tasks that have either been assigned to you or to an assignment group that you are a member of.
    • OT Remediation Tasks
      • Assigned to me
      • Assigned to my groups
    • OT Vulnerable Items
      • Assigned to me
      • Assigned to my groups
      • My Exception Requests
      • All Exceptions
        Note:
        The All Exceptions list also shows exceptions with a Rejected state.

    Navigate to records under the OT Remediation Tasks or OT Vulnerable Items list menus to get more OT-related context. To view the history of the record, you can view the Activity window in the record where various work notes, comments, and record updates are captured. You can also add new comments or work notes in the Compose window.

    For more information about remediation tasks, see Create a remediation task.

    For more information on how to use the List view in the Industrial Workspace for Operational Technology Vulnerability Response, see Use the List view in the IT Remediation Workspace.

    Equipment model menu

    Use the Equipment Manager to view OT vulnerable items, and view and create remediation tasks associated with OT devices that are mapped to an equipment model entity.